Wednesday, May 23, 2012

Google Alerts Users 'Your Computer Appears To Be Infected'


Google has launched an awareness campaign to identify systems compromised with DNSChanger and alert users before the DNS servers are shut down and their PCs can no longer get to websites.

Google launched a new awareness campaign to alert users whose PCs may be compromised with the “DNSChanger” malware. The DNS servers used by the malware will be shut down soon, and infected computers will no longer be able to communicate with the Web, so Google is doing its part to help users clean up and point their PCs to legitimate DNS servers.

In November of last year the United States FBI—in cooperation with Estonian law enforcement—tracked down and arrested the group behind the DNSChanger malware. With millions of infected systems around the world relying on the malicious DNSChanger DNS servers, the FBI chose to continue hosting them as legitimate DNS servers.

However, the FBI isn’t in the business of acting as an Internet Service Provider or DNS host, so as of July 9 the DNSChanger servers will be shut down. There are an estimated 500,000 systems still using those servers for DNS, and those PCs will no longer be able to reach the Web once the FBI pulls the plug.

Google is virtually synonymous with the Web. To many users--particularly the ones who lack the Internet savvy or technical skills to understand the security issues or determine if their PCs have been compromised with DNSChanger--Google is the Web. That gives Google some measure of civic responsibility, and puts it in a unique position to be able to help users out.

A blog post from Google states, “Starting today we’re undertaking an effort to notify roughly half a million people whose computers or home routers are infected with a well-publicized form of malware known as DNSChanger.”

Google will check to see if a PC is using the rogue DNSChanger servers. Systems suspected of being infected will display a message at the top of the Google search results page that says “Your computer appears to be infected.”

The Google blog post explains, “We believe directly messaging affected users on a trusted site and in their preferred language will produce the best possible results.”

The clock is ticking. In about six weeks a half million users may find that their PCs are unable to connect with Web sites. Hopefully, those 500,000 users will conduct a Google search at some point in the next few weeks, and pay heed to the warning from Google.

If you receive a message from Google, or suspect that your PC might be compromised with DNSChanger, check out the DNS Changer Working Group (DCWG) site. It contains a variety of tools to help remove the malware and clean up your system.






No comments: