Malware Scam: Thousands of Canadians Could Lose Web Access Today Due to FBI Server Shutdown


About 9,000 Canadian-owned computers could be infected and lose access to websites, emails and social media today when FBI shuts down temporary servers used to stop scam, experts say

Content of the article

What is the threat?

In 2007, a Trojan horse computer virus called DNSchanger surfaced on the Internet. All Internet traffic from infected computers was redirected to specific Internet servers managed by criminals.

These criminals then served up to $ 14 million worth of ads on these infected computers, according to PCWorld. However, this all ended when the culprits were caught in an FBI attack in November 2011 called “Operation Ghost Click”.

When does the FBI unplug?

The temporary system will be shut down at 12:01 a.m. EDT on Monday, July 9. When shut down, infected computers will not be able to access the Internet.

How do I know if I am affected?

Most victims don’t even know their computers have been infected, although the malware has likely slowed down their web browsing and disabled their antivirus software, making their machines more vulnerable to other issues. However, there is an easy way to check if you are infected: just go to For detailed information about the infection and what to do to get rid of it, you can go to DCWG (DNSchanger Working Group).

Additionally, Facebook and Google both created their own warning messages that displayed if someone using either site appeared to have an infected computer. Facebook users would receive a message saying, “Your computer or network may be infected,” along with a link users can click for more information. Google users received a similar message, displayed at the top of a Google search results page. It also provides information on how to resolve the problem.

Learn more about today’s malware threat here


Content of the article

About 9,000 computers owned by Canadians could be infected and lose access to websites, emails and social networks today when the FBI shuts down temporary servers used to stop a scam, experts say.

In total, some 300,000 computers, mostly in the United States, Italy and India, could be infected and lose Internet service, Thomas Dean, associate professor at Queen’s University, said on Friday.

“The computer starts up, but when you try to use your mail or your browser, you get some sort of error message,” said Dean of Kingston, Ont.

Warnings about the internet problem were posted on Facebook and Google and Dean said that initially around four million computers were infected worldwide.


Content of the article

The FBI took out the hackers last fall in an online advertising scam and had clean servers installed to take over from malicious servers so people don’t lose their internet service right away, but replacements are turned off Monday.

Dean said Canadians may also need to check routers to see if they’ve been affected as well and reset them.

“We have about 9,000 computers that still appear to be infected,” he said of the situation in Canada.

If computers have been infected as a result of the scam, they have not been able to perform updates to software or anti-virus systems, making them vulnerable to other malware, Dean said , who teaches in the Department of Electrical and Computer Engineering at Queen’s University.


Content of the article

The offending DNSChanger Trojan malware was created to redirect Internet traffic and hijack online searches.

Dean Turner of Symantec said hackers in Eastern Europe and Russia made a profit of $ 14 million by installing malicious servers and getting paid to drive traffic to malicious websites, and for also placing bogus advertisements on top of real advertisements on legitimate websites.

“It was basically click fraud – hacked research,” said Turner, director of global intelligence for Symantec, a software security company.

While Turner said it was difficult to predict how many infected computers would be in Canada, he said 9,000 would not be “out of whack.”

On Monday, infected computers will receive a message saying “Cannot find this website,” he said from Calgary.


Content of the article

“It would block all access to the Internet. “

Robert Siciliano of McAfee said that computer users who don’t have access on Monday may mistakenly assume their ISP is in trouble and flood them with calls.

“It will ultimately be a customer service nightmare,” said Siciliano, an online security specialist at McAfee, another anti-malware security company.

ISPs may need to seek technical support if they are inundated with calls, he said.

Bell (TSX: BCE) said it had been contacting customers by phone and email for some time about the potential issue.

The telecommunications company also has a web page that explains the problem and directs consumers to the Canadian Internet Records Authority’s online diagnostic tool.



Postmedia is committed to maintaining a lively but civil discussion forum and encourages all readers to share their views on our articles. Comments may take up to an hour of moderation before appearing on the site. We ask that you keep your comments relevant and respectful. We have enabled email notifications. You will now receive an email if you receive a reply to your comment, if there is an update to a comment thread that you follow, or if a user that you follow comments. Check out our community guidelines for more information and details on how to adjust your email settings.

Source link


Leave A Reply