This Isn’t The First Time Google Has Fought Malware User-By-User

By May 24, 2012

Google is embarking on a quest to notify the owners of 500,000 computers infected with a particular malware that unless they take action, their internet will be shut off on July 19th.

The problem started last November, when the FBI busted an Estonian cybercrime ring that was redirecting traffic to adverts, and pocketing the proceeds. To give users time to remove the malware, which is referred to as DNSChanger, the FBI installed temporary servers to replace the ones the ne’re-do-wells had been using to serve adverts – but that left the FBI with its finger in the dike, since shutting down the replacement servers will disrupt web connnectivity for stragglers who haven’t removed the infection.

So Google is rolling out code that will alert infected users, and suggest steps to remove the malware.

“Starting today we’re undertaking an effort to notify roughly half a million people whose computers or home routers are infected with a well-publicized form of malware known as DNSChanger,” reads an announcement on the Google Online Security blog.

Google tried a similar initiative last summer, when it programmed the site to display warnings to users who were likely infected with a different strain of malware. Company analysts believe Google successfully notified around a million users, and hope to repeat that success by replicating that project.

The initiative presents certain challenges. Web users, particularly the inexperienced, are accustomed to seeing shady ads that claim to be associated with anti-virus software. Google security experts hope, though, that by displaying the notification prominently and in the context of a trusted site, they will be able to notify at least some of the remaining infected computers’ users before July.

The analysts are also hopeful they will have better success than previous attempts to alert users by ISPs and other groups by offering notifications in users preferred language, since only an estimated half of the malware victims speak primarily English.

“While we expect to notify over 500,000 users within a week, we realize we won’t reach every affected user,” Google wrote. “We also can’t guarantee that our recommendations will always clean infected devices completely, so some users may need to seek additional help. These conditions aside, if more devices are cleaned and steps are taken to better secure the machines against further abuse, the notification effort will be well worth it.”

Google’s warning will look like the top image.

Featured Image: Warner Bros. Pictures