DNSChanger Malware: Is your computer infected?
Las Vegas, NV (KTNV) -- The Federal Bureau of Investigation is warning people to check their computers this weekend, or you may be kicked offline.
International hackers set up an online advertising scam and were able to take control of millions of computers across the world.
"A lot of people think the Internet is safe. And unfortunately it's not always safe. You have to protect yourself," said FBI Special Agent David Schrom.
The FBI will pull the plug on Internet access Monday, July 9, to hundreds of thousands of computers infected with malware, known as DNSChanger.
"They can now control where you go to. If you type in google.com they can redirect you to a different server. They can infect you with a different malware, different payload, different virus, do whatever they want," explained David Hansen, CEO of Hansen Networks.
Last year, the FBI located a group of seven cyber criminals overseas. They infected more than 4 million computers; 500,000 were in the U.S.
"So what these bad guys did is, they sent people to websites that they had set up, hoping they would click on items and each time they clicked, they got paid. And ultimately they got $14 million from this," said Agent Schrom.
Here's how it works: The malware secretly altered settings on infected computers, allowing the suspects to digitally hijack searches and re-route computers to certain websites.
"You can have the best security system in the world, but if you click on a link to go to a website that downloads software at your request, it doesn't matter what kind of security you have because you're inviting it in," explained Schrom.
To fix the matter, the FBI is turning off the malicious servers on Monday, which will cause victims to lose Internet service, if their computer is still infected.
Fortunately the suspects were not stealing information from the victims, but benefiting from their clicks.
If you want to check your computer, to see if it's infected, click here. Once you're there, click on "Detect" at the top of the page. Scroll down to the middle of the page and click on the top URL link in the grayish-green striped box (next to English). Another screen will pop up and will show "Green" if you're safe, or "Red" if you need to cleanup your computer.
In that case, the website has a step by step process on how to fix it.