WASHINGTON — Hundreds of thousands of computers worldwide may have been infected by hackers in an online advertising scam and may lose their ability to connect to the Internet on July 9.
When international hackers ran an online advertising scam months ago to take control of infected computers around the world, the FBI set up a safety net using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.
The FBI is encouraging users to visit a website run by its security partner, www.dcwg.org, that will inform them whether their computer is infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.
Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.
“We started to realize that we might have a little bit of a problem on our hands because … if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service,” said Tom Grasso, an FBI supervisory special agent. “The average user would open up Internet Explorer and get ‘page not found’ and think the Internet is broken.”
On the night of the arrests, the agency brought in Paul Vixie, chairman and founder of Internet Systems Consortium, to install two Internet servers to take the place of the truckload of impounded rogue servers that infected computers were using. Federal officials planned to keep their servers online until March, giving everyone opportunity to clean their computers. But it wasn’t enough time. A federal judge in New York extended the deadline until July.
Now, said Grasso, “the full court press is on to get people to address this problem.” And it’s up to computer users to check their PCs.
The number of victims is hard to pinpoint, but the FBI believes that on the day of the arrests, at least 568,000 unique Internet addresses were using the rogue servers. Five months later, FBI estimates that the number is down to at least 360,000. The U.S. has the most, about 85,000, federal authorities said. Other countries with more than 20,000 each include Italy, India, England and Germany. Smaller numbers are online in Spain, France, Canada, China and Mexico.
Vixie said most of the victims are probably individual home users, rather than corporations that have technology staffs who routinely check the computers.