Fix Your Infected PC or Risk Losing Internet in July

By Alexandra Burlacu | Apr 21, 2012 01:22 PM EDT

Previous image Enlarge Close Next image

Share This Story

Here's the bad news - In an online advertising scam, hackers may have infected hundreds of thousands of computers worldwide. And, here's the worse news - On July 9, infected computers may lose their ability to connect to the Internet.

Hackers infected a network of at least 570,000 computers worldwide, by taking advantage of vulnerabilities in the Microsoft Windows OS to install malicious software on infected computers. "This turned off antivirus updates and changed the way computers reconcile website addresses behind the scenes on the Internet's domain name system," explains USA Today.

How the Scam Works

Computers use numerical addresses, translated by a network of servers called DNS system. Infected computers were reprogrammed to use rogue DNS servers owned by the attackers, allowing them to redirect computers to fake, fraudulent versions of any Web site. According to the FBI, the hackers earned at least $14 million from advertisements that appeared on Web sites that victims were tricked into visiting. The scam made thousands of computers rely on the rogue servers to browse the Internet.

Most victims are not even aware their computers have been infected, though the malicious software has probably slowed their Web surfing and disabled their antivirus software, making the computers more vulnerable to other infections. In an unusual response to the online advertising scam, the FBI set up a safety net months ago, using government computers to prevent Internet disruptions on infected computers.

How to Check Whether Your Computer is Infected

The system set up by the FBI, however, will be shut down in July, leaving infected users unable to connect to the Internet. The FBI advises users to visit http://www.dcwg.org and check whether they have been infected, and if so, follow the steps to fix the problem.

The Web site features a "Detect" button in the upper left corner. Clicking "Detect" or the green button next to it will redirect users to a new page, which will display a list. To check whether they have been infected, users must select their language from the list and click on the link next to it. If the computer is not infected, the page will display a green logo with the message "DNS Resolution(equals)Green. Your computer appears to be looking up IP addresses correctly!" If this message appears, no further measures are necessary.

On the other hand, if the computer is infected, the page will display a red logo and will redirect the user to a new page. In this case, the user will be directed to Web sites that provide antivirus tools that cyber-security experts have found effective in removing the malware. Users who do not fix their infected computers will no longer be able to connect to the Internet after July 9. "The full court press is on to get people to address this problem," said FBI supervisory special agent Tom Grasso.

(reported by Alexandra Burlacu, edited by Dave Clark)