Facebook is doing its part to alert members whose computers may be infected with the DNSChanger Trojan, a nasty piece of malware thought to be lurking on half a million systems. The campaign comes about a month ahead of the July 9 date on which the FBI is scheduled to take offline all remaining computers compromised by the malware.
If your computer is among the corrupted crop, you will receive a warning on Facebook saying, "Your computer or network might be infected," with a short explanation of the malware and how to remove it from your system. Google undertook a similar outreach campaign a few weeks ago.
In a DNSChanger advisory on its security blog, Facebook instructed those who receive the warning to visit the DNSChanger Working Group website. Another website invested in warning potential victims is http://dns-ok.us ; visiting the site will immediately show you if you're safe (green) or in trouble (red).
The DNSChanger fear began last November, when an FBI sting, "Operation Ghost Click," disabled an Estonian cybercrime ring that had compromised 4 million computers and routers worldwide with the Trojan. The DNSChanger Trojan (DNS is short for Domain Name System) enabled the crooks to hijack legitimate Web traffic and reroute it to corrupt sites under their control, a tactic that netted them $14 million in fraudulent advertising revenue.
The July 9 date is significant because following the November bust, the FBI set up temporary DNS "surrogate" servers to keep the computers compromised by the Trojan online. On March 5, a judge granted the government 120 days to keep the servers online, and a subsequent ruling pushed the deadline to July 9.
If Facebook or Google alerts you that your computer or router is infected, you can change the technical settings on your system by following instructions here. You should also immediately download anti-virus software.