Skip to main content

The Globe and Mail

About 9,000 Canadian computers face infection threat

Employees are increasingly opting to work on their personal laptops and smartphones in a trend driven by the popularity of Apple consumer devices.

L.G. Patterson/CP/AP

About 9,000 Canadian-owned computers could be infected and lose access to websites, e-mail and social networking on Monday when the FBI shuts down temporary servers used to stop a scam, experts say.

Overall some 300,000 computers, most of them in the United States, Italy and India, could be infected and lose their Internet service, Queen's University associate professor Thomas Dean said Friday.

"The computer will start up, but when you try to use your mail or try to use your browser, you are going to get some kind of error message," Prof. Dean said from Kingston, Ont.

Story continues below advertisement

Warnings about the Internet problem have been splashed across Facebook and Google and Prof. Dean said that initially about four million computers were infected globally.

The FBI took down hackers last fall in an online advertising scam and had clean servers installed to take over from the malicious servers so that people wouldn't lose their Internet service right away, but the replacements are being turned off on Monday.

Prof. Dean said Canadians can go to to check if their computers are infected and take appropriate measures. He said Canadians may also have to check routers to see if they have been affected, too, and reset them.

"We've got roughly 9,000 computers that still appear to be infected," he said about the Canadian situation.

If computers have been infected due to the scam, they haven't been able to perform anti-virus software or system updates, leaving them vulnerable to other malware, said Prof. Dean, who teaches in Queen's University's department of electrical and computer engineering.

The DNSChanger Trojan malware program at issue was created to redirect Internet traffic and hijack online searches.

Symantec's Dean Turner said Eastern European and Russian hackers generated a profit of $14-million by setting up rogue servers and getting paid for driving traffic to malicious websites, and for also putting fake ads on top of real ads on legitimate websites.

Story continues below advertisement

"It was basically click fraud — hijacked searches," said Mr. Turner, director of global intelligence for Symantec, a software security company.

While Mr. Turner said it's difficult to predict how many infected computers would be in Canada, he said 9,000 wouldn't be "out of whack."

On Monday, infected computers will get message saying "Cannot find this website," he said from Calgary.

"It would block all access to the Internet."

McAfee's Robert Siciliano said computer users who have no access on Monday may wrongly assume that their Internet service provider is having problems and flood them with calls.

"It will ultimately be a nightmare for customer service," said Mr. Siciliano, who specializes in online security at McAfee, another anti-malware security company.

Story continues below advertisement

ISPs may have to bring in tech support if they're inundated with calls, he said.

Bell said it has been contacting customers by phone and e-mail for some time about the potential problem.

The telecom company also has a webpage that explains the problem and directs consumers to the Canadian Internet Registration Authority's online diagnosing tool.

Report an error
As of December 20, 2017, we have temporarily removed commenting from our articles. We hope to have this resolved by the end of January 2018. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to If you want to write a letter to the editor, please forward to