With the FBI approaching their July deadline for taking offline the interim DNS servers put in place following the shutdown of the DNSChanger malware, it could mean hundreds of thousands of PCs are not able to get to the web. Google is chipping in and adding DNSChanger detection to Google products. The messages will be in their preferred language and reads:
Your computer appears to be infected
We believe that your computer is infected with malicious software. If you don’t take action, you might not be able to connect to the Internet in the future.
Learn how to remove this software.
Google anticipates notifying over 500,000 users within a week according to the Google Online Security blog.
Some ISPs have been taking their own actions, a few of which will prevent our warning from being displayed on affected devices. We also can’t guarantee that our recommendations will always clean infected devices completely, so some users may need to seek additional help. These conditions aside, if more devices are cleaned and steps are taken to better secure the machines against further abuse, the notification effort will be well worth it.
CloudFlare and OpenDNS are partnering up to also help warn infected victims. Any site using CloudFlare can opt to activate a Visitor DNSChanger Detector app that will display a warning similar to Google’s at the top of the visited site.
Your computer has DNS settings that mean you probably have the DNS Changer malware. Please visit http://www.dcwg.org/fix/ for help fixing your DNS. You may lose access to the Internet after July 9, 2012 if you don’t fix this. For additional information regarding the DNS changer malware, please visit the FBI’s website. DNS Changer warning powered by CloudFlare.
The DNSChanger Detector app with CloudFlare is active here at 404 Tech Support. For a list of resources for resolving the DNSChanger before the July 9th deadline, read this previous 404TechSupport article.
Do you think this approach will be effective? Do you think this approach should be taken for all malware detections to reduce infected PCs making up botnets?