The problem affected customers worldwide, including chipmaker Intel, Rhode Island hospitals, Kentucky police, University of Michigan's medical school, and an Australian supermarket chain
McAfee published an apology Thursday night and provided a tool to fix the problem.
The fallout has gone beyond a stain on McAfee's brand. According to a post by Matthew Hines on eWEEK Security Watch, scammers are (predictably) preying on those trying to fix their computers, using malicious SEO techniques:
Among the infected results showing up are those with the titles such as "Mcafee Dat 5958" or "Mcafee 5958", which specifically invoke the naming convention associated with the involved AV update, but this has changed over the last day, and "will no doubt change again," the researchers contend.
Most of the poisoned results redirect users to sites which predictably encourage people to download fake AV programs, which actually themselves contain Trojan threats.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i
As someone who has suffered through computer crashes caused by viruses and has lost both data and work time because of it, I certainly empathize with those hit by the McAfee crisis. After all, you should be able to trust your antivirus software to protect you, not cause harm.
But I also think there are some things we can gain from this incident. One is to have patience -- and I know that isn't easy when in the midst of a blue screen of death meltdown -- when it comes to finding a fix to ensure that you aren't being duped into adding more infected software to your system. Another is to take the opportunity to re-evaluate the steps you take to secure your computer and your network, as suggested in an article at eWEEK. The article recommended testing new antivirus definition files before putting them out into the network and to reconsider cloud-based systems that accept automatic updates.