Slog


Monday, April 23, 2012

If You Use a PC, the FBI Has a Warning for You

Posted by on Mon, Apr 23, 2012 at 6:00 AM

The back-story is rather complicated, involving an online scam that got so big the FBI couldn't shut it down the ordinary way, and it begins about five months ago:

Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.

"We started to realize that we might have a little bit of a problem on our hands because ... if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service," said Tom Grasso, an FBI supervisory special agent. "The average user would open up Internet Explorer and get 'page not found' and think the Internet is broken."

So the government brought in its own servers to replace the hacker servers, and no one on the user end knew the difference.

The problem: No one on the user end knew the difference.

The FBI doesn't want to act as a bunch of people's ISP forever, so now it's warning everyone with a PC to check themselves (or at least their computers) before their Internet lives get wrecked on July 9 when the FBI pulls the plug on those backup servers.

The FBI is encouraging users to visit a website run by its security partner, http://www.dcwg.org, that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet.

Predicted first comment: "Another reason to use a Mac."

 

Comments (42)
1
Another reason to use a condom.
Posted by Sean on April 23, 2012 at 6:12 AM
2
Another reason to use OpenDNS.
Posted by PaulBarwick on April 23, 2012 at 6:13 AM
Matt from Denver 3
Another reason to not get over it already.
Posted by Matt from Denver on April 23, 2012 at 6:23 AM
4
If it's from the FBI, why isn't it a .gov url? I don't trust this.
Posted by erasedk on April 23, 2012 at 6:33 AM
DeepFriedBananaBits 5
I think Eli has been scammed. I'd rather be hacked than use mac.
Posted by DeepFriedBananaBits on April 23, 2012 at 6:37 AM
DeepFriedBananaBits 6
@ Eli
My cousin is the prince of a small nation and needs to hide his royal treasury from his corrupt advisers. If you send him your bank info, he'll cut you in on a bit of the action.
Posted by DeepFriedBananaBits on April 23, 2012 at 6:47 AM
bigg 7
If I have this virus I probably got it right here on the Stranger in between pop-up ads.
Posted by bigg http://biggblah.blogspot.com/ on April 23, 2012 at 6:48 AM
8
@6 that won't work. Apple users are 100% always without a doubt protected from viruses. This also includes phishing somehow.
Posted by Little Red Ryan Hood on April 23, 2012 at 6:53 AM
Vince 9
So, let me see if I have this right. The FBI has been running the internet with its servers and now wants us all to go to their website and download something from them. I'm starting to see why so many people are paranoid about the government.
Posted by Vince on April 23, 2012 at 6:58 AM
10
@9
Not really.
The FBI wanted to take down a botnet (surprising in itself).
The FBI realized that if it did that, it would cripple a lot of home users.
So the FBI arranged to have servers set up that would duplicate a specific function of the servers that they were going to take down.
The FBI expected that all the infected home computers would be quickly cleaned.
The FBI has realized how wrong that expectation was as many are still infected.
The FBI has decided to cut off the servers it set up anyway.

Go here http://www.dns-ok.us to see if you are infected.

The FBI could make this a lot easier on everyone by telling the ISPs which machines on their networks are infected. But they do not appear to be doing that. Instead they're doing it in the fucking most stupid way possible.
Posted by fairly.unbalanced on April 23, 2012 at 7:06 AM
Pithy Name 11
For those FireFox users, NoScript (http://noscript.net/) does wonders for stopping all sorts of annoying and/or malicious code being executed on the net. Insert disclaimer about how nothing is 100% foolproof, etc, etc.

Unfortunately there is no FireFox add-on for stupidity.
Posted by Pithy Name on April 23, 2012 at 7:24 AM
12
Another reason to use Linux.
Posted by pox on April 23, 2012 at 7:24 AM
sloegin 13
Expect phone calls from Gran and/or the parents July 10.
Posted by sloegin on April 23, 2012 at 7:50 AM
Meags 14
@4 "a website run by its security partner"
Posted by Meags on April 23, 2012 at 7:52 AM
GlamB0t 15
I don't think the Feds should ever step in and become someone's ISP without notice. The people who have the virus need to get savvy, or pay the price.

I'm assuming it's the same group of people who email about new work from home opportunities and that it's okay to eat eggs again (a follow-up to their "DON'T EAT EGGS!" email from a month ago).
Posted by GlamB0t on April 23, 2012 at 8:11 AM
16
Wonder why the feds don't just redirect all traffic to the antivirus info page. Either people will get the idea or will become paranoid and clean their computers. win win
Posted by Tawnos on April 23, 2012 at 8:20 AM
17
Here's another link to the test site:
http://www.dns-ok.us/
Posted by slugbiker http://www.seattlescrabble.org on April 23, 2012 at 8:50 AM
18
The FBI also has links for folks outside the US:
https://forms.fbi.gov/check-to-see-if-yo…
Posted by slugbiker http://www.seattlescrabble.org on April 23, 2012 at 8:51 AM
starsandgarters 19
http://www.dcwg.org had a server too busy message, and on a second attempt the page loaded (basic text) with broken graphics. LOL.
Posted by starsandgarters on April 23, 2012 at 9:03 AM
20
Macs are PCs. You mean, another reason to not use old versions of IE or another reason to not be stupid?
Posted by Devin on April 23, 2012 at 9:07 AM
Fnarf 21
Macs get viruses too. Flashback has been in the news just this week, with over 600,000 infections. Like most PC viruses it gets in via Flash, Javascript or Java with the cooperation of fooled users. There's a fix if you download the update, which many Mac users never do because they think they're immune.
Posted by Fnarf http://www.facebook.com/fnarf on April 23, 2012 at 9:25 AM
malcolmxy 22
Thank you for this information. I use Linux, but most of the people I know do not, so this will be helpful to them.
Posted by malcolmxy on April 23, 2012 at 9:41 AM
23
So.....you think perhaps government agencies, private corporations and certain individuals haven't been doing the same thing for years with those anonymizers?
Posted by sgt_doom on April 23, 2012 at 10:36 AM
24
@13, this "gran" just checked her computer via @10's site. Enough with the age-related slams.
Posted by sarah70 on April 23, 2012 at 10:37 AM
Will in Seattle 25
Oh, come on, it's not like the NSA admitted they already have all your emails and tweets in the US, or that the SPD spy drone can actually hack your wireless connection.

Oh, wait.
Posted by Will in Seattle http://www.facebook.com/WillSeattle on April 23, 2012 at 10:41 AM
Will in Seattle 26
@23 for the I Remember The Shack In Yakima In The 80s Win!
Posted by Will in Seattle http://www.facebook.com/WillSeattle on April 23, 2012 at 10:41 AM
27
@16 has it right.
Posted by madcap on April 23, 2012 at 10:48 AM
28
From the Seattle Times/AP story: "FBI officials said they organized an unusual system to avoid any appearance of government intrusion into the Internet or private computers."

Good job! The unusual system that they set up to prevent the "appearance of government intrusion" was a couple of DNS servers that would reasonably be described as actual government intrusion.

Here's a better headline "Federal Judge authorizes FBI and security company to secretly route the web traffic of over half a million private computers for 8 months. Affected users not notified of vulnerable systems".

Given the lack of detail in the story, I went with "route the web traffic", but maybe the facts actually support "monitor the web traffic"?

Hopefully the AP did actually do some research on the story, because it does seem like a scam.

Posted by Asdfgh on April 23, 2012 at 11:05 AM
ScienceNerd 29
I checked around. This seems true. So I checked my computer. Not infected. Right on.
Posted by ScienceNerd on April 23, 2012 at 11:09 AM
Volo 30
The FBI is hosting DNS, not acting as an ISP. It's a pretty big difference. The article makes it sound like people are dialing into the scammer to connect to the internet, but really just the servers they were using to turn URLs into IP addresses were shady.
Posted by Volo on April 23, 2012 at 11:22 AM
31
@30: yes, it's a difference, but your use of the word "just" makes it sound like you think controlling a user's DNS server is no big deal. It's a big deal.
Posted by Asdfgh on April 23, 2012 at 11:32 AM
32
A slight refinement to comment 2 (if I understand correctly):

OpenDNS would have reduced the likelihood of infection but once infected, you'd no longer be using OpenDNS.
Posted by david on April 23, 2012 at 12:05 PM
Fnarf 33
@25, @26: Dunning-Kruger in action again.
Posted by Fnarf http://www.facebook.com/fnarf on April 23, 2012 at 12:16 PM
Matt from Denver 34
@ Fnarf, Apple pushes updates (or at least update notices) on a regular basis, as does Firefox. Still, one needs to run antivirus scans on a regular basis.
Posted by Matt from Denver on April 23, 2012 at 12:25 PM
GlibReaper 35
@25 SPD spy drone? Is this merely a conspiracy theory or would you care to share some supporting evidence?
Posted by GlibReaper on April 23, 2012 at 12:39 PM
Fnarf 36
@35, Will doesn't do supporting evidence.

@34, update notices are made to be ignored. I guarantee that about 75% of the computers out there, Mac and PC, have update notifications going back to when the computer was new that the user has never even wondered about.

Firefox does it right, finally -- they update you without asking.
Posted by Fnarf http://www.facebook.com/fnarf on April 23, 2012 at 12:50 PM
Matt from Denver 37
Maybe on the PC. I still have to click on the button labelled "update firefox," and have the option of clicking "ask later" instead.
Posted by Matt from Denver on April 23, 2012 at 1:12 PM
38
really touching stuff, pulitzer worthy.
Posted by Sherlock Homeboy 3008 on April 23, 2012 at 1:23 PM
39
Another reason to read books.
Posted by butterw on April 23, 2012 at 1:24 PM
GlibReaper 40
@36 such devices exist, I just hadn't heard of SPD operating one. They could just park an unmarked car within range of a network they cared to monitor so it seems superfluous.

I wouldn't be surprised at all to hear the NSA/FBI had wireless monitoring drones.
Posted by GlibReaper on April 23, 2012 at 1:28 PM
sirkowski 41
"The average user would open up Internet Explorer and get 'page not found' and think the Internet is broken."
And what's the downside?
Posted by sirkowski http://www.missdynamite.com on April 23, 2012 at 3:15 PM
michijo 42
Windows will go away one day and Internet Explorer will disappear the way of Netscape Navigator.
Posted by michijo on April 26, 2012 at 6:43 PM

All contents © Index Newspapers, LLC