More than a quarter of a million PC users could find themselves cut off from the Internet on Monday as theFBI takes down a safety net protecting them from a specific piece of malicious software. Here's what the FBI wants you to know:
Q: Who does this affect?
A: Some 277,000 Windows PC users in homes and businesses worldwide, including 64,000 in the U.S. They still have not cleaned up a specific piece of malware spread to 570,000 machines more than a year ago.
Q: Why will they be cut off?
A: Last fall, FBI agents discovered — then took offline — the computer servers that criminals were using to control PCs carrying this malware. The agency also activated replacement servers as a safety net, so that the victims would not lose Internet access immediately. That highly unusual back-up system is being shut down as of 12:01 a.m. ET on Monday.
Q: Why handle it this way?
A: The malware redirects data traveling to and from an infected PC, routing this traffic through rogue computer servers. The criminals are thereby able to steer victims to certain Web pages. Had the FBI simply shut down the rogue servers — without taking steps to keep victims connected — it risked being criticized for intruding on how the Internet works.
Q: How did the bad guys make money?
A: The attackers steered victims to Web pages carrying online ads. Advertisers then paid the attackers for each click to a page carrying their ads. This "click-fraud" scam netted at least $14 million, according to the FBI.
Q: How can I tell if my PC is affected?
A. You can visit an FBI-approved website: http://www.dcwg.org. There you will find links to services that will run a quick check on your PC, as well as guidelines to manually carry out a deeper malware inspection. Keep in mind, there is no easy way to tell what specific piece of malware may be controlling your PC. Malware is difficult to detect and often slows down the time it takes for Web pages to load.
Q: What can I do if it appears that my PC is infected?
A: Make sure you have updated, working anti-virus protection, and educate yourself about how to use the scanning and cleanup tools that come with the top consumer anti-virus products. Keep in mind that malware is designed to resist detection and cleanup. Many types can only be eliminated by installing a fresh copy of the Windows operating system.
Q: What happens if I'm cut off?
A: You will have to contact your Internet service provider for help reconnecting to the Internet. Insist on guidance to also delete the malware, or criminals will continue to control your machine. Google and Facebook have created special warnings for this particular case. And Internet service providers have plans to try to help keep victims online. Comcast, for instance, has sent out e-mail, letters and Web notices to customers whose computers appeared to be affected.