Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Tech-Related News Tech-Related News
Search Search
Search for:
Tech Support Guy > > >

Associated Press - Hundreds of thousands may lose Internet in July


(!)

HOBOcs's Avatar
HOBOcs   (Jim) HOBOcs is offline
Member with 7,330 posts.
THREAD STARTER
 
Join Date: Jan 2004
Location: Markham ON Canada
21-Apr-2012, 04:25 PM #1
Associated Press - Hundreds of thousands may lose Internet in July
I heard this announcment this morning and I am not sure what to make of it.
I will try and find more info and post a follow-up.


Associated Press - Hundreds of thousands may lose Internet in July
By LOLITA C. BALDOR, Associated Press 21 hours ago
WASHINGTON (AP) For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.

Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.

The FBI is encouraging users to visit a website run by its security partner, http://www.dcwg.org , that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet.

Full Google Article
Ent's Avatar
Ent   (Josiah) Ent is offline Ent is a Trusted Advisor with special permissions.
Computer Specs
Trusted Advisor with 5,242 posts.
 
Join Date: Apr 2009
Location: United Kingdom
Experience: Intermediate
22-Apr-2012, 03:04 AM #2
Methinks they're doing it wrong. They shouldn't be running the servers to keep people trundling along as though nothing is wrong. They should redirect every single hit to a page explaining that the computer was infected and how to go about resolving it. Then they wouldn't leave everyone in the lurch with no idea what's wrong once they finally pull out.
Elvandil's Avatar
Computer Specs
Moderator with 51,993 posts.
 
Join Date: Aug 2003
Location: Vermont
Experience: "Been through the mill."
22-Apr-2012, 03:18 AM #3
Quote:
Originally Posted by Ent View Post
Methinks they're doing it wrong. They shouldn't be running the servers to keep people trundling along as though nothing is wrong. They should redirect every single hit to a page explaining that the computer was infected and how to go about resolving it. Then they wouldn't leave everyone in the lurch with no idea what's wrong once they finally pull out.
That would work if there were a human looking at every page. But automated systems only go to the sites and no one would be there to see the message.

In any case, their servers have been running for several months now, so too late to change plans. It was a better plan than just taking down the crooks and having all those people lose internet and not know why.
__________________
Microsoft MVP
異驚の界世 pןɹoʍ ǝɥʇ ɟo sɹǝpuoʍ ǝɥʇ ɟo ǝuo sı ǝpoɔıun ʞuıɥʇ ı
catlover2's Avatar
catlover2 catlover2 is offline
Computer Specs
Member with 431 posts.
 
Join Date: Sep 2009
Location: What's that down there?
22-Apr-2012, 03:31 AM #4
Quote:
Originally Posted by Ent View Post
Methinks they're doing it wrong. They shouldn't be running the servers to keep people trundling along as though nothing is wrong. They should redirect every single hit to a page explaining that the computer was infected and how to go about resolving it. Then they wouldn't leave everyone in the lurch with no idea what's wrong once they finally pull out.
If my Windows installation was indeed infected and I got redirected to some page that was telling me my computer was infected, I would end up thinking that the page I got redirected to was a scam and a result of the virus. I suppose that this de-infection scheme might be more effective on people less computer-savvy than me, but it would seem rather odd to me.

Just my $0.02
LadyDragon's Avatar
LadyDragon LadyDragon is offline
Member with 114 posts.
 
Join Date: Mar 2004
Location: Taichung, Taiwan
Experience: Keep it SIMPLE, please.
22-Apr-2012, 03:43 AM #5
Ent's Avatar
Ent   (Josiah) Ent is offline Ent is a Trusted Advisor with special permissions.
Computer Specs
Trusted Advisor with 5,242 posts.
 
Join Date: Apr 2009
Location: United Kingdom
Experience: Intermediate
22-Apr-2012, 04:12 AM #6
Quote:
Originally Posted by catlover2 View Post
If my Windows installation was indeed infected and I got redirected to some page that was telling me my computer was infected, I would end up thinking that the page I got redirected to was a scam and a result of the virus. I suppose that this de-infection scheme might be more effective on people less computer-savvy than me, but it would seem rather odd to me.

Just my $0.02
Of course you would. So would I. But then I'd set about removing the infection, so it still gets the message across. What they want to avoid is people having no idea why "the internet is broken".
I'm just thinking that announcements like this won't reach most of those hundreds of thousands of users, so they'll be left as confused a few months later.

Quote:
Originally Posted by Elvandil
That would work if there were a human looking at every page. But automated systems only go to the sites and no one would be there to see the message.
But most home users don't operate automated web crawlers, and if someone who does still gets an infection then shame on them.
TechGuy's Avatar
TechGuy   (Mike) TechGuy is offline TechGuy has a Profile Picture
Computer Specs
Administrator with 12,711 posts.
 
Join Date: Feb 1999
Location: Chambersburg, PA
Experience: Advanced
22-Apr-2012, 08:51 AM #7
I agree. I need to read more about it, but why would they set up a system to hide the problem from infected users? I understand that in doing so they are preventing machines from going to whatever IP the bad guys wanted... but, as Ent said, they should have instead redirected folks to a warning page, not cover up the problem.
HOBOcs's Avatar
HOBOcs   (Jim) HOBOcs is offline
Member with 7,330 posts.
THREAD STARTER
 
Join Date: Jan 2004
Location: Markham ON Canada
22-Apr-2012, 10:50 AM #8
This really hit me as strange... is it a hoax or a means to collect other computer data and why haven't we heard more from other tech security sources. Highly suspicious still.

I agree as well that a warning and a redirect to what you can do.

Note: the article here....

http://www.fbi.gov/news/stories/2011...malware_110911

did mention - "Users who believe their computers may be infected should contact a computer professional.". (ok, so I assume we "computer Professionals" need to use our own utilities to seek out and resolve this in the normal fashion )

Last edited by HOBOcs; 22-Apr-2012 at 10:56 AM..
Ent's Avatar
Ent   (Josiah) Ent is offline Ent is a Trusted Advisor with special permissions.
Computer Specs
Trusted Advisor with 5,242 posts.
 
Join Date: Apr 2009
Location: United Kingdom
Experience: Intermediate
22-Apr-2012, 11:02 AM #9
http://www.pcmag.com/article2/0,2817,2403364,00.asp
http://mashable.com/2012/02/17/fbi-dns-servers/
http://www.dns-ok.us/

Or of course
http://www.google.co.uk/search?q=FBI...ive&as_qdr=all

Actually, on reading into it a bit more it seems that the malware is a rootkit and therefore quite tricky to remove.
JustJudy's Avatar
JustJudy   (Judy) JustJudy is offline JustJudy has a Profile Picture
JustJudy has a Photo Album
Computer Specs
Member with 10,910 posts.
 
Join Date: Apr 2006
Location: PA
22-Apr-2012, 01:07 PM #10
You can test your IP to see if it's one that is being rerouted:
For more information visit:
- http://www.dcwg.org/
- https://forms.fbi.gov/check-to-see-i...sing-rogue-DNS

Jim I thought the same thing when I first read about it. This has been a known problem for quite some time but why weren't we made aware of it sooner? It does seem highly suspicious.
__________________
Judy
* The true meaning of life is to plant trees, under whose shade you do not expect to sit. ~Nelson Henderson *
HOBOcs's Avatar
HOBOcs   (Jim) HOBOcs is offline
Member with 7,330 posts.
THREAD STARTER
 
Join Date: Jan 2004
Location: Markham ON Canada
22-Apr-2012, 11:24 PM #11
Quote:
Originally Posted by Ent View Post
http://www.pcmag.com/article2/0,2817,2403364,00.asp
http://mashable.com/2012/02/17/fbi-dns-servers/
http://www.dns-ok.us/

Or of course
http://www.google.co.uk/search?q=FBI...ive&as_qdr=all

Actually, on reading into it a bit more it seems that the malware is a rootkit and therefore quite tricky to remove.
FYI - I'm seeing more of a variant of the Rootkit - "Zero Access" (tough one) lately - which may be related.
dam123dam's Avatar
dam123dam dam123dam is offline
Computer Specs
Member with 24 posts.
 
Join Date: Jul 2011
Experience: Intermediate
24-Apr-2012, 01:16 AM #12
I checked my computer it seems ok.
sepala's Avatar
Computer Specs
Member with 4,038 posts.
 
Join Date: May 2010
Location: Sri Lanka
Experience: Advanced
05-May-2012, 01:45 AM #13
sharky's Avatar
Member with 1,254 posts.
 
Join Date: Jul 2001
Experience: Intermediate
07-May-2012, 04:37 AM #14
Does a computer get the Trojan "Alureon.E" that eventually turns into the DNS Changer?
DoubleHelix's Avatar
Account Disabled with 24,388 posts.
 
Join Date: Dec 2004
08-May-2012, 04:29 PM #15
This is such an infinitesimally small problem that it's hardly worth discussing. Leave it to the US government to blow it totally out of proportion. The number of computers affected isn't even statistically significant.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑