DNS Malware -- Potential Internet Mini-Apocalypse

[important]I'm pretty sure this is a big deal.[/important]

(via Mental_Floss)

An Estonian band of hackers have spread a virus which, according to the FBI, has infected more than 277,000 computers worldwide.  There are apparently about 64,000 computers still infected in the US.  Computers still infected at 12:01am EDT, July 9, will lose their ability to go online.

Once again, for emphasis:  Computers still infected at 12:01am EDT, July 9 (Next MONDAY) will LOSE THEIR ABILITY TO GO ONLINE.

According to AP,

The problem began when international hackers ran an online advertising scam to take control of more than 570,000 infected computers around the world. When the FBI went in to take down the hackers late last year, agents realized that if they turned off the malicious servers being used to control the computers, all the victims would lose their Internet service.

In a highly unusual move, the FBI set up a safety net. They brought in a private company to install two clean Internet servers to take over for the malicious servers so that people would not suddenly lose their Internet.

Social networks have apparently been reaching out to their users, to alert them if their computer is infected.  and there are websites you can go to to confirm that your computer is clean.  Google and Facebook should let you know, but if they didn't, you might still want to check out DCWG, the company that is running the safety net.

If you're in the US, this link will take you to a check-up site.

More on Google warnings; IE vulnerability

(via PC World) Previous context So, I've heard good things about the new release of Internet Explorer, which challenges my preconceived biases against the browser.  But, good news!  The current manifestation of the program has a vulnerability in it that makes it much easier to continue to be snarky.

The security warnings that some Gmail users have been getting, warning them that their accounts may be under attack by a state-sponsored organization, are apparently being triggered -- at least in part -- by a vulnerability in Internet Explorer that can be triggered on certain websites, but only through that browser.

In order for a hacker to exploit the vulnerability, an IE user needs to land on an infected webpage. To steer traffic to such pages, cybercriminals will typically use phishing e-mails or instant messages containing links to the infected locations.

Until Microsoft patches the vulnerability, the company is offering a temporary solution that can be downloaded from its Technet website.

According to cybersecurity software maker Trend Micro, the vulnerability has prompted Google to issue warnings to some of its Gmail users. "Google is flagging attempts to exploit this vulnerability by noting 'Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer,'" it said in an e-mail to PCWorld.

"Reports show that this vulnerability has been used to compromise Gmail accounts," it added.

Microsoft plans to patch the problem soon, but if you use IE and don't have Gmail, you might want to be careful on the internet in the near future.

Or, you know, switch to Chrome.