Skip to main content

The Globe and Mail

On Monday, thousands of Canadian PCs could be at risk

The new Windows 7 operating system installation DVD is pictured on a notebook at the Windows 7 Launch Party in New York, October 22, 2009. Microsoft Corp. launched Windows 7 on Thursday in its most important release for more than a decade, aiming to win back customers after the disappointing Vista and strengthen its grip on the PC market.

Shannon Stapleton/REUTERS

About 9,000 Canadian-owned computers could be infected and lose access to websites, email and social networking on Monday when the FBI shuts down temporary servers used to stop a scam, say experts.

Overall some 300,000 computers, most of them in the United States, Italy and India, could be infected and lose their Internet service, Queen's University associate professor Thomas Dean said Friday.

"The computer will start up, but when you try to use your mail or try to use your browser, you are going to get some kind of error message," Mr. Dean said from Kingston, Ont.

Story continues below advertisement

Warnings about the Internet problem have been splashed across Facebook and Google and Dean said that initially about four million computers were infected globally.

The FBI took down hackers last fall in an online advertising scam and had clean servers installed to take over from the malicious servers so that people wouldn't lose their Internet service right away, but the replacements are being turned off on Monday.

Mr. Dean said Canadians can go to to check if their computers are infected and take appropriate measures. He said Canadians may also have to check routers to see if they have been affected, too, and reset them.

"We've got roughly 9,000 computers that still appear to be infected," he said about the Canadian situation.

If computers have been infected due to the scam, they haven't been able perform anti-virus software or system updates, leaving them vulnerable to other malware, said Mr. Dean, who teaches in Queen's University's department of electrical and computer engineering.

The DNSChanger Trojan was a malware program created to redirect Internet traffic and hijack online searches.

Symantec's Dean Turner said Eastern European and Russian hackers generated a profit of $14-million by setting up rogue servers and getting paid for driving traffic to malicious websites, and for also putting fake ads on top of real ads on legitimate websites.

Story continues below advertisement

"It was basically click fraud, hijacked searches," said Mr. Turner, director of Symantec's Global Intelligence Network for the software security company.

While Mr. Turner said it's difficult to predict how many infected computers would be in Canada, he said 9,000 wouldn't be "out of whack."

On Monday, infected computers will get message saying "Cannot find this website," he said from Calgary.

"It would block all access to the Internet."

Report an error

The Globe invites you to share your views. Please stay on topic and be respectful to everyone. For more information on our commenting policies and how our community-based moderation works, please read our Community Guidelines and our Terms and Conditions.

We’ve made some technical updates to our commenting software. If you are experiencing any issues posting comments, simply log out and log back in.

Discussion loading… ✨