On November 8, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals in “Operation Ghost Click”. The criminals operated under the company name “Rove Digital”, and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ and TDL4 viruses. (Source DWWG.org)
Malware: A complex view
Malware and viruses should be taken seriously. How many times have you visited a website and a pop-up ad informs you that your computer is infected and needs to be cleaned? For most, (if not all) of us, we’ve seen this multiple times on different websites. 99.9% of the time, it’s SPAM or malware in itself. However, with an upcoming virus taking over machines on July 9th, you might want to take notice. In fact, those warnings, (especially displayed on Facebook.com or Google.com could signal something serious is going on.) PCWorld states,
“DNSChanger is a Trojan that surfaced in 2007 and infected millions of machines. The malware would redirect computers to hacker-created Websites, where cyber-criminals sold at least $14 million in advertisements. DNSChanger also prevented computers from updating or using anti-virus software, leaving them vulnerable to even more malicious software.” (Source PCWorld.com)
DNSChanger: The risk behind the recent attack
DNSChanger is the malware behind “Operation Ghost Click.” DNSChanger redirects your router and computer to harmful websites, that can do serious damage to your computer or device. In fact, this is why the FBI stepped in last year and took over the hacker’s servers, (not shutting them completely down for fear that Fortune 500 companies, individuals and others might be affected by the virus and unable to use the internet.) Instead of killing the servers, the FBI simply just took over hosting, until they could alert the public to the problem and find an acceptable solution in time for July 9th. Most technology websites took notice, along with the national news, but as I’ve kept my eye on what’s happening, I didn’t see much being said minus a recent Star Tribune article, which explains the problem, but doesn’t go beyond the dilemma.
This malware is serious for two reasons. First, being that the FBI plans to shut down the hacker’s servers on Monday, July 9th. This means, any computer affected would no longer be able to use the internet. You could have serious financial costs to your company or home computer. The likelihood that you’d have to bring your computer back to factory condition is high. You may lose files and important documents. Secondly, this virus is hard to detect. It may seem like nothing is wrong for the time being. This is exactly why the DNS Changer Working Group (DCWG,) has created a website with accurate information about the risk and ways to test your devices.
Is My PC Infected?
To see if your computer has the malware, follow these steps:
1. Visit http://www.dcwg.org to learn more about the attack, your risk and ways to fix the issue.
2.) Visit http://www.dns-ok.us/ to diagnose whether or not your computer is carrying the malware. My pc and devices all checked, “Green” meaning, I wasn’t infected. If you are infected, the screenshot below would appear as red and give you detailed instructions
3.) Fixing the issue may not be as easy as it looks. To learn more about fixing your device, visit: http://www.dcwg.org/fix/. Before you download or visit any of the websites they offer to help with the fix, please make sure to back-up your PC. Backing up your computer can be an expensive process. I highly recommend taking your PC to a professional and grabbing a cup of coffee. What they can do in hours, might take you days. However, if you’re feeling confident, consider using a cloud backup tool. I’ve heard good things about BackupPC, the open-source software that works with Linux, Windows and Mac. Crashplan is also high on my list, if you need immediate access to back-ups that are secured in the cloud.
Know the deadline is looming, but feeling overwhelmed with what files to keep? On my own computers, I keep files on my desktop to everything I need. For instance, my client files are sorted alphabetically with invoices, contracts and other necessary documents all in one place. I have flash drive back-ups as well as cloud and external hard-drive back-ups for my important documents. I also utilize my GOOGLE DRIVE and GMAIL as an online back-up and tag invoices, proposals and work delivered all with labels for easy searching and accessibility. My photos are all backed up with Flickr and I order cd’s yearly which I convert to flash drives that hold my family’s precious photos. Never just perform one method of backup. You need multiple ways to access your files.
Looking beyond: Understanding malware
Let’s first try to understand what a Trojan virus or malware really look like and how they act. The following video is one of the most helpful I found in clearly stating WHAT malware is, HOW it infects a computer and WHAT you can do to protect yourself. (Ironically, in a search on Youtube for an easy explanation with visual guides, there were hundreds of videos showing HOW to make a Trojan virus.) The company featured in the video, TrendMicro is a service provider of anti-virus software. I highly recommend their competitor, AVG Anti-Virus and have used the “free” version, (note: not the free-trial version) for years, happily.
Stay Safe: 3 easy steps
The truth is, viruses are more complicated and easier to catch today then years past. I advocate three truths to keep safe on the internet:
1.) Always have a secure password. A secure password has multiple variables, which simply stated means, it’s harder to hack. Most people make passwords that are easy for them to remember, thus being easier to figure out. Here’s two examples of passwords:
Dog123 – This one looks more good, right? It has 6 characters and utilizes numbers and letters. This password would be VERY easy to find by a hacker.
d()G1!2!3! – is a little more secure. You’ll see I incorproated other “variables” or uppercase letters, symbols, and lowercase letters to make it harder to guess and harder for the software that hackers use to determine the password quickly. Remember, hackers want it fast and cheap. If your password takes too long to hack, they have millions of people they can try next.
Pro tip: Take a sign from my good friends over at TEN7 and utilize cloud-based password protection. Passpack offers FREE, online password storage. Instead of carrying a notebook with you, or storing passwords on your computer itself, consider storing information encrypted with the protection of the cloud.
2.) Only visit sites you know and trust. Vet websites carefully and never, ever provide a credit card number unless it’s from a site you know and trust. Always check the top address bar to make the the site matches exactly where you are supposed to be. Websites are often linked to us in email or social media by using shortened url codes. For instance, do you know where http://bit.ly/HappyFourthOfJuly goes? Before you click on ANY shortened url, especially if it’s from someone you don’t know or trust personally, make sure you know the risk before the click. You can visit LongURL, (www.longurl.org) to find out where ANY short url leads to. I didn’t steer you wrong, look where my bit.ly link leads…
3.) Keep your anti-virus up to date and run scans often. You control the health of your computer and devices. Did you know that your phone can be infected with a virus or malware? Any type of phone, Android, Iphone, Blackberry, can succumb to an attack or a bad link. (Here’s a great link on cell phone viruses and how they work.) Find an anti-virus program that works for you and that is trusted not only by professional reviews, but by peer reviews as well. PCMag recently reviewed anti-virus software and offer a handy comparison chart.
Don’t Live In Fear
Sadly, with complex hacking methods, hackers are often able to get around the usual ways and entice you to click on a link, or are able to deliver viruses in other ways. This is exactly why DNSChanger is so important to know about. Your best defense against hacking is the above 3 methods and educating yourself about the risks of using the internet. Life, is about risk. We know at any time we can contract a cold from a neighbor, fellow bus rider or a family member. However, we don’t stay indoors. We live our lives, we wash our hands frequently and we know the risk, but we don’t let it master us. Think of protecting your pc and devices like washing your hands. Stay up-to-date with virus protection, keep secure passwords and take a few moments to read the news. Never be afraid to reach out and ask questions about online security. The more we all understand, the safer the internet will be.
If you blog and would like your work considered for Minnesota Blog Cabin, please submit our registration form.