WASHINGTON — Hundreds of thousands of computers worldwide may have been infected by hackers in an online advertising scam and may lose their ability to connect to the Internet on July 9.
When international hackers ran an online advertising scam months ago to take control of infected computers around the world, the FBI set up a safety net using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.
The FBI is encouraging users to visit a website run by its security partner, www.dcwg.org, that will inform them whether their computer is infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.
Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.
“We started to realize that we might have a little bit of a problem on our hands because … if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service,” said Tom Grasso, an FBI supervisory special agent. “The average user would open up Internet Explorer and get ‘page not found’ and think the Internet is broken.”
On the night of the arrests, the agency brought in Paul Vixie, chairman and founder of Internet Systems Consortium, to install two Internet servers to take the place of the truckload of impounded rogue servers that infected computers were using. Federal officials planned to keep their servers online until March, giving everyone an opportunity to clean their computers. But it wasn’t enough time. A federal judge in New York extended the deadline until July.
Now, said Grasso, “the full court press is on to get people to address this problem.” And it’s up to computer users to check their PCs.
The number of victims is hard to pinpoint, but the FBI believes that on the day of the arrests, at least 568,000 unique Internet addresses were using the rogue servers. Five months later, the FBI estimates that the number is down to at least 360,000. The U.S. has the most, about 85,000, federal authorities said. Other countries with more than 20,000 each include Italy, India, England and Germany. Smaller numbers are online in Spain, France, Canada, China and Mexico.
Vixie said most of the victims are probably individual home users, rather than corporations that have technology staffs who routinely check the computers.



This report sounds like a hoax. Can anyone at BDN substantiate this?
I googled the acronym DCWG and found several articles and explanations. Go to Google and put in the acronym and you can read the opening sentences of several articles that also come up as Norton verified. Then decide if you trust it. I don’t know if it was talked about on the news or not as I have been out of state and not watching TV for a few weeks, but at least you can make a more informed decision with what you find without accessing any site except Google. Just a thought.
If you search for Tom Grasso FBI, there is such an agent, in their cyber division, whose name would be well known by hackers. If you narrow that search by recent news, you’ll only find an identical article in the Utica Observer Dispatch and the Italian LaPresse. Neither would I consider corroborating sources.
Further investigation finds Cory Doctorow writing about this at
http://boingboing.net/2012/03/29/paul-vixies-firsthand-accoun.html
I still stand by my above recommendation of a reliable anti-virus; local support; and most of all, thinking before you click links!
Doing a Whois lookup on the dcwg.org website comes back to someone in CA using a senki.org email address, the senki.org domain seems to have articles regarding security and infected computers but the presentation does not impress me as far as the layout to make me think this is a true professional partner.
I am going to do more digging around, I do recall back in the day viruses (and they still exist) having dates tied to them to do certain things on a certain date. I would like to see more reputable sources on this first.
Good advice. I use McAfee Site Advisor and also will review it in the Urban Legend website. There are hundreds if not thousands of viruses out there, why one stands out like this is what is suspicious. But thanks for the advice.
Not a hoax. I spoke with somebody at the DOJ about it a few months ago. They had erroneously listed me as a victim/witness.
I would seriously not go, nor advise anyone go to an alleged “security partner” of the FBI. If the FBI was involved in such a website, wouldn’t they run it on their own servers?
This sounds like a social engineering press release the BDN has fallen for.
Simple advice is the best, don’t click a random link unless you know where it goes. If you’re concerned you have a computer virus, go to a known provider of anti-virus software. If the virus is preventing you from doing that, bring your system to a local computer service center or at the very least, call your local geek.
That was my very first thought!
“Click this link” NooOOOOoOOOOOoOoooo!!! :)
And what’s the alternative if you do nothing? Or even bring your system to and pay for a geek to do nothing? I went on the dns-ok site, and it is pretty simple no one applied anything on my registry, it’s a matter if the background is green or red.
Agreed
If you go to http://www.dcwg.org as the Eff Bee Eye has suggested, it will load a cookie that will track your every move online. This is a false flag operation.
A gazillion and one sites, from Google to BDN (and/or their advertisers), set some sort of cookie or another on your browser; nothing the DCWG site does is unusual in that regard. You can manually clear all cookies at any time, or (usually) configure your browser not to accept them in the first place.
For what it’s worth, from their site:
“The DCWG is an ad hoc group of subject matter experts, and includes members from organizations such as Georgia Tech, Internet Systems Consortium, Mandiant, National Cyber-Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro, and the University of Alabama at Birmingham.”
The site shows up as clean on Google Safe Browsing Diagnostics and McAfee Siteadvisor. It’s referenced to and linked from the FBI’s website (as already mentioned). It’s also repeatedly referenced to and linked from (and is also a subject “tag” on) the highly reputable Internet security blog, Krebs on Security, as well as on the SANS Institute’s Internet Storm Center (ISC), which is a sort of ad-hoc “NORAD” for web and network admins worldwide, and also very legitimate.
Google…the ultimate spyware
Looks fake!
Cracks me up… conspiracy theorists. LMAO
SEE BELOW
Well I just moseyed on over to FBI.GOV and lo and behold they not only verified this story through a press release last November but they offer a quick check on your machine. My own personal theory is that if someone references the FBI do not go to Google, go to the FBI web site. When on the site type the URL as given in the BDN article into the FBI search box.
Here is the FBI page w/ info and a link to ck for malware if anyone cares….
https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
I’d ask Leo. 1-88-88-ask Leo
or go in their chat room.
http://techguylabs.com/
Hard to believe BDN is the first place to hear something. I could find nothing on Snopes…
BDN slow as usual, it was over last November:
http://www.fbi.gov/news/stories/2011/november/malware_110911
Everyone should burn a Puppy Linux disk or put it on a flash drive as a backup to get online. Linux does not tend to get viruses and can be run with no hard drive.
Anyone with a disabled virus scanner should be suspicious and re-enable, reinstall and run a scanner, or take it to a computer person. Retroviruses target virus scanners and render them useless.
I use ESET NOD32 so I have no need for this test.
OH OH Big brother striking the fear into people so give out all your information to the FBI so they can track and watch your internet browsing ..
If they wanted to track you, they already would be. That’s what the Patriot Act put into law.
This isn’t a scam. Don’t want to click the link? Then don’t. If your internet shuts off in July, just get your computer cleaned. It really isn’t that big of a deal.
This article lacks solid information and therefore I would not pay any attention to the recommendations. Until the BDN does the who, what, when and where of these articles I will not put any faith in them.
I don’t know if it’s real or fake, but it’s missing a lot of information. For instance, what OS or programs does it take advantage of?
They can’t get through my anti virus.. Stick with the major anti virus systems get what you get.
I also have a backup computer, the mini mac. clean and fast.
The average daytime temperature in Maine in July ranges between 72 and 79 degrees. Hell, we could always go outside and do something if it comes to that.
I have no doubt it’s real. Because most of you only know enough about computers to be dangerous.
There are many programs out there to remove crap from your computer. But one of the better ones is Malware Bytes. And it’s free. You can move up to the pro version if you like, but the free demo is highly effective.
If you’ve never scanned your computer before, it might take a while. Set it to run and then go to work or whatever.
http://www.malwarebytes.org/products/malwarebytes_free
Has no one ever heard of a reformat? The big fix all. Even if this was real and your computer did lose its internet at a given date, it would be so easy to get it back without clicking that link. Just take your computer to someone who knows what they are doing and have them fix it or you could replace your Windows operating system with Linux. Linux uses different commands than Windows does, therefore viruses are less likely to have an effect on it. Ubuntu is a good Windows replacement.