How to Survive a DNS Changer Malware Attack

Yesterday, the FBI took down the temporary Internet servers it set up to keep computers online if they were infected with a piece of malware called a DNS changer.

This meant that if you were infected by the malware, your Internet would stop working immediately after the FBI shut down its servers.

The story was quite a sensation: with scary-sounding phrases like FBI, DNS changer malware, and NO INTERNET, media outlets quickly picked it up. Quite a few very worried people, in fact, asked me if they would be okay come July 9, 2012.

And I have good news for them: if they’re reading this, they’re probably okay.

Media Sensationalism + Tech Ignorance

In reality, this most recent malware scare was pretty limited in scope: fewer than 50,000 computers in the U.S. were estimated to be affected, so there’s a very small chance that the average user lost Internet connectivity. Kind of disappointing, really.

What really struck me was the overblown reporting of the story by the media, and the genuine concern I observed in several friends and clients. It reminded me of the “Y2K” scare back in ’99 (sorry, I mean 1999), when people were told that the world would end just because a few short-sighted software programmers in the 70’s decided to save two bytes of storage space.

This is another classic case of exploitation of fear and ignorance for profit: headlines like “Malware May Kill Your PC July 9” and “DNS Changer malware: You’re running out of time to check for it” scare and provoke people into clicking these types of links, and generate traffic and ad revenue for the sites posting them.

Fortunately, the FBI provided lists of IP addresses to the Internet companies and, in turn, the companies gave customers instructions on how to remove the malware. (If you received no notification, and want to make sure your machine is not infected, you can check by clicking on this link.)
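The same kind of check can be run locally by comparing a machine's configured DNS servers against a list of known rogue ranges. The sketch below is an added example, not code from the FBI or any ISP: the function names are hypothetical, the ranges are documentation placeholders rather than the real DNS changer list, and the resolv.conf-style sample is constructed.

```python
import ipaddress
import re

# Placeholder ranges (RFC 5737 documentation networks), NOT the real list.
# Assumption: in practice the published rogue-server ranges are loaded here.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

def parse_nameservers(resolv_conf_text):
    """Return the IP addresses on 'nameserver' lines of resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        line = re.split(r"[#;]", line, maxsplit=1)[0].strip()  # drop comments
        match = re.match(r"nameserver\s+(\S+)", line)
        if not match:
            continue
        try:
            servers.append(ipaddress.ip_address(match.group(1)))
        except ValueError:
            continue  # not an IP address; ignore the malformed entry
    return servers

def classify_resolvers(resolv_conf_text, rogue_ranges=ROGUE_RANGES):
    """Map each configured resolver to 'rogue', 'local' or 'ok'."""
    verdicts = {}
    for ip in parse_nameservers(resolv_conf_text):
        if any(ip.version == net.version and ip in net for net in rogue_ranges):
            verdicts[str(ip)] = "rogue"
        elif ip.is_private or ip.is_loopback:
            # The router or a local stub answers DNS; its own upstream
            # setting has to be checked separately.
            verdicts[str(ip)] = "local"
        else:
            verdicts[str(ip)] = "ok"
    return verdicts

# Constructed sample input.
SAMPLE = """# constructed sample
nameserver 192.0.2.53
nameserver 192.168.1.1
nameserver 8.8.8.8
nameserver not-an-ip
search example.lan
"""

if __name__ == "__main__":
    for address, verdict in classify_resolvers(SAMPLE).items():
        print(address, verdict)
```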

Basic Cyber Security Checklist

If you are NOT infected by DNS changer malware, congrats! Here are some tips on remaining infection-free:

  • Keep a Clean Machine: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.
  • When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete it or, if appropriate, mark it as junk email.
  • Protect all devices that connect to the Internet: Along with computers, smart phones, gaming systems, and other web-enabled devices also need protection from viruses and malware.
  • Plug & scan: “USBs” and other external devices can be infected by viruses and malware. Use your security software to scan them.

Of course, if you suspect that your machine is infected, check out my virus removal page or contact me for help.

FREE Computer Virus Removal Software Isn’t Free

Every PC user knows that computer viruses are bad news, and that the best way to avoid infection is to install antivirus software to protect your computer. What many people don’t know is that there is virus removal software available that is completely FREE to download and use. However, using free computer virus removal software comes with a hidden price.

The Real Cost of “Free” Protection Against Computer Viruses

Most PCs have antivirus (AV) software pre-installed, but it is often only a “trial” version that expires after a set time, and then requires the user to pay for the “full” version. While these types of computer virus removal programs are effective and well worth the money, a cheaper alternative exists.

Free virus removal software is a cheaper (and arguably, better) alternative to subscription-based AV software. You can download and use it for free, and it doesn’t extract a yearly subscription fee from you in exchange for continued protection from computer viruses. What “free” computer virus removal software DOES extract from you, in various ways, is your personal information.

Free Computer Virus Removal Software Programs

“Free” antivirus software not only protects you from getting computer viruses, but it digs up your personal data and sells it to the highest bidder. In addition to being effective virus removal tools, software programs such as “AVG Free”, “avast! Free Antivirus”, and “Avira Free Antivirus” are also ingenious data-mining and marketing machines. Virus removal software companies offer these programs at no charge, and then make money later by selling their users’ information to marketers and advertisers.

Who needs free software? I’d rather keep my personal data!

To demonstrate how “free” antivirus software (or any type of free software, for that matter) can easily gather a user’s information, consider this important but often overlooked step during the installation process of a popular free AV software program:

“Quick Install (Recommended)” (If you choose the “recommended” install settings, the software installs automatically – congrats, you’re done! Unfortunately, you also just opted-in to about 7 different data gathering schemes.)

“Custom Install (Advanced)” (A custom installation lets you uncheck all of the options that would install various information-gathering gadgets, email scanners, search bars, toolbars, etc., leaving only the essential software installed.)

A custom installation isn’t that hard to do, but a software company will nearly always label this option as “advanced” in order to intimidate users, and instead recommend that they perform a quick install. Although technically quicker and easier, this “recommended” option usually installs unwanted data gathering features alongside the core software.

If you manage to get through the installation without falling into any data mines and protect your information, free software can actually be quite useful. Free computer virus removal software in particular should be installed carefully, and with close attention paid to the “recommended” settings.

As always, please feel free to contact me for help with virus removal, or with any computer question.

Socially Engineered Malware: Your New Facebook Friend

Embarrassing confession: I was tricked into downloading a computer virus.

Last week, a high school friend of mine sent me a “Group Invite” message on Facebook®. The message urged all recipients to “help out my friend by ‘liking’ her page”, and included a link to said page. Being the helpful friend that I am, I decided to “CLICK HERE!”

Then, something strange happened: when I tried sharing the link by “Attaching” the URL into a message to a friend, Facebook did not correctly generate a description of the link. Instead, it only displayed random JavaScript code…

I knew immediately that I was infected with a virus. Shamefully, I asked myself: how could a supposed computer professional like me download a virus?

The answer: I was tricked!

Socially Engineered Malware

While some types of malicious software (malware) work by exploiting technical loopholes in a computer system, socially engineered malware exploits weaknesses in human nature. Even Mac users, with their perceived immunity to computer viruses, are not safe: without any technology dependencies, socially engineered malware can target users running either Windows or OS X.

From a cyber criminal’s perspective, tricking users into downloading and installing malware is a preferred means of attack. By manipulating trust (rather than hacking software), criminals may cast a wider net and target more victims. And the implied trust relationships inherent in social networking sites, such as Facebook, make them full of perfect targets for socially engineered attacks.

I, for one, certainly did not expect that the link sent to me by a friend would contain a virus: those clever hackers exploited my trust in my social network, and misled me into clicking on the infected link (so you see, it wasn’t my fault).

Protecting Yourself against Socially Engineered Malware

I could have had all of the “smart” filters, firewalls, and anti-virus programs in the world installed and still downloaded that virus. Although these tools together do a good job of preventing most malware downloads, ultimately it was me who made the decision about what to click.


It is therefore very important to “look before you click.” If you suspect a bad link, do a bit of research and mouse-over the link (without clicking!) and look at the preview URL that your browser will display. Pay special attention to the domain name (i.e., and make sure that it is one that you recognize: if you notice random-looking characters and numbers in the domain name, this is a telltale sign that the URL could be an automatically-generated malicious site.
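The "look before you click" check can also be automated. The sketch below is an added example, not part of the original post: it pulls out the domain a link really points at and flags the random-looking characters and numbers described above. The function name, the thresholds and the sample URLs are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

VOWELS = set("aeiou")

def inspect_link(url, known_domains):
    """Return the domain a link really points at and the reasons for caution."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return {"host": host, "domain": host,
                "reasons": ["raw IP address, no domain name"]}
    except ValueError:
        pass  # an ordinary host name; keep inspecting
    labels = host.split(".")
    # Assumption: the registrable domain is the last two labels. Suffixes such
    # as co.uk need a Public Suffix List lookup instead.
    domain = ".".join(labels[-2:])
    name = labels[-2] if len(labels) >= 2 else host
    reasons = []
    if domain not in known_domains:
        reasons.append("domain not recognized")
    # Count letter/digit switches: "x7k2q9" alternates, "web2py" barely does.
    kinds = [c.isdigit() for c in name if c.isalnum()]
    switches = sum(a != b for a, b in zip(kinds, kinds[1:]))
    if switches >= 3:  # illustrative threshold
        reasons.append("digits interleaved with letters")
    letters = [c for c in name if c.isalpha()]
    if len(letters) >= 6 and sum(c in VOWELS for c in letters) / len(letters) < 0.2:
        reasons.append("few vowels")  # illustrative threshold
    return {"host": host, "domain": domain, "reasons": reasons}

if __name__ == "__main__":
    known = {"facebook.com"}
    # Constructed sample links; the second hides its real domain behind a
    # familiar-looking prefix.
    for link in ("https://www.facebook.com/some/page",
                 "http://facebook.com.x7k2q9zr4b1.example/login",
                 "http://203.0.113.7/video"):
        print(inspect_link(link, known))
```

An empty list of reasons only means the link passed these particular checks.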

So the next time somebody (even a friend) sends you a link entitled OMG i cant believe she posted this LOL click here NOW, exercise a bit of caution. Clicking responsibly can mean the difference between discovering a new hilarious video, or even more hilariously (for the hackers), downloading socially engineered malware.

And if you do happen to accidentally download something bad, don’t be embarrassed, just click here. (link tested to be 99.9% malware-free)