Pages

hulu.com

Wednesday, June 6, 2012

Facebook warns hundreds of thousands may lose Internet in July


Facebook announced Tuesday that it had joined a consortium of other companies and security experts to help alert hundreds of thousands of websurfers of a computer infection called DNSChanger that may knock their computers off the Internet this summer.
Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system will be shut down July 9 -- killing connections for those people.
The FBI has run an impressive campaign for months, encouraging people to visit a website that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet.


Infected Facebook users will now be treated to a special message when visiting the social network that informing them of their potential risk as well as helping them clean it up.
"Facebook's Product Security Team is working constantly to protect users from malicious content and malware like viruses, trojans, and worms," Facebook wrote in a blog post Tuesday, June 4.


"As a result of our work with the DNSChanger Working Group, Facebook is now able to notify users likely infected with DNSChanger malware and direct them to instructions on how to clean their computer or networks."
Facebook followed in the footsteps of Google, who on May 22, announced that it would throw its weight into the awareness campaign, rolling out alerts to users via a special message that will appear at the top of the Google search results page for users with affected computers.
“We believe directly messaging affected users on a trusted site and in their preferred language will produce the best possible results,” wrote Google security engineer Damian Menscher in a post on the company’s security blog.
“If more devices are cleaned and steps are taken to better secure the machines against further abuse, the notification effort will be well worth it,” he wrote.
The challenge, and the reason for the awareness campaigns: Most victims don't even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
Last November, when the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers, the agency realized this may become an issue.
"We started to realize that we might have a little bit of a problem on our hands because ... if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service," said Tom Grasso, an FBI supervisory special agent. "The average user would open up Internet Explorer and get `page not found' and think the Internet is broken."
On the night of the arrests, the agency brought in Paul Vixie, chairman and founder of Internet Systems Consortium, to install two Internet servers to take the place of the truckload of impounded rogue servers that infected computers were using. Federal officials planned to keep their servers online until March, giving everyone opportunity to clean their computers.


But it wasn't enough time.
A federal judge in New York extended the deadline until July.
Now, said Grasso, "the full court press is on to get people to address this problem." And it's up to computer users to check their PCs.
'We started to realize that we might have a little bit of a problem on our hands...'
- Tom Grasso, an FBI supervisory special agent
This is what happened:
Hackers infected a network of probably more than 570,000 computers worldwide. They took advantage of vulnerabilities in the Microsoft Windows operating system to install malicious software on the victim computers. This turned off antivirus updates and changed the way the computers reconcile website addresses behind the scenes on the Internet's domain name system.