Despite repeated warnings, it's possible that as many as 277,000 or more computers worldwide are still vulnerable to the DNSChanger trojan, a malicious software program that redirects infected computers to bogus websites. At 12:01 EDT July 9, infected computers will be unable to access Internet sites and users will have to call their service providers to help delete the malware and repair their Internet connection.
The whole situation sounds almost like thriller fiction. It started last year when international hackers used an online advertising scam to grab control of more than 570,000 computers worldwide. The FBI, upon trying to take down the malicious servers, found another problem: if the servers went down, so would the computers and their connection to the Internet. To avoid this, the feds brought in a private company to install two clean servers that would take over for the malicious severs and set up a special website to tell consumers how to access these and clear off the malware.
In addition to individual computer owners, about 50 Fortune 500 companies are still infected as well, the FBI said.
According to an Associated Press story, infected computers are already slower to surf the Web and have disabled antivirus software that itself poses a serious security problem. Still, most victims don't know they're infected so social networking sites like Google (Nasdaq: GOOG) and Facebook (Nasdaq: FB) have posted messages that say "your computer or network might be infected" and offer a link to get more information on how to correct the problem.
Service providers including Comcast (Nasdaq: CMCSA), which probably has more online users than any other ISP, have taken steps to inform those subscribers known to be infected via e-mail, letter or Internet notice.
FBI supervisory special agent Tom Grasso said in the story that other ISPs "may come up with technical solutions" that they will enable Monday to either correct the problem or help customers who find their Internet is down.
The FBI has provided a link for users--http://www.dcwg.org--that contains links to commercial sites that will run a quick computer check and lays out instructions for users who want to manually check their computers.
- see this AP story
Security alert: Mobile networks and devices need constant protection from threats
Cable operators back cyber security bill