It has been widely reported that the FBI and Internet Systems Consortium have been keeping formerly rogue DNS servers running to ensure internet access for millions of computer users who have been infected with malware that changed their DNS server. These rogue servers were used to feed ads or channel users to infected websites. The FBI recently announced that it would be shutting down these servers in July, potentially cutting off internet access for a large number of users who are caught unawares.
To prevent this, Google is going to use its popularity to notify users of infected computers. The search engine will notify users using a large warning at the top of a Google search results page. The warning will only appear on computers that are infected.
This announcement came on the Google Online Security Blog in a Google+Online+Security+Blog%29″>post by Google Security Engineer Damian Menscher. From the post:
Our goal with this notification is to raise awareness of DNSChanger among affected users. We believe directly messaging affected users on a trusted site and in their preferred language will produce the best possible results. While we expect to notify over 500,000 users within a week, we realize we won’t reach every affected user. Some ISPs have been taking their own actions, a few of which will prevent our warning from being displayed on affected devices. We also can’t guarantee that our recommendations will always clean infected devices completely, so some users may need to seek additional help. These conditions aside, if more devices are cleaned and steps are taken to better secure the machines against further abuse, the notification effort will be well worth it.
This isn’t the first time Google has used its considerable influence to try and help users protect their computers against malware. Last July, Google issued similar warnings to users who were being redirected through proxies by fake antivirus software.