Check Your Computer Now: Internet Could Go Dark July 9

If your computer is infected with DNSChanger malware; you could be unable to access the internet as of this coming Monday, July 9.

That’s when the FBI is shutting down servers that have been keeping infected computers up and running even after they busted the gang of cybercriminals behind the DNSChanger scam.

A press release from the FBI describes how it worked:

The malware secretly altered the settings on infected computers enabling the defendants to digitally hijack Internet searches and re-route computers to certain websites and advertisements, which entitled the defendants to be paid. The defendants subsequently received fees each time these websites or ads were clicked on or viewed by users. The malware also prevented the installation of anti-virus software and operating system updates on infected computers, leaving those computers and their users unable to detect or stop the defendants’ malware, and exposing them to attacks by other viruses.

In order to assist victims affected by the DNSChanger malicious software, the FBI obtained a court order last March authorizing the Internet Systems Consortium (ISC) to deploy and maintain temporary clean DNS servers. That solution was temporary,  and provided additional time for victims to clean affected computers and restore their normal DNS settings.

The clean DNS servers will be turned off on July 9, 2012, and computers still impacted by DNSChanger may lose Internet connectivity at that time.

So, now would be a good time for you to check your computer. I’ve provided some links below to help you do that. Your internet service provider (ISP) can also help. Comcast, for example, has a pro-active notification service that lets customers know if their computers have been infected. In addition, Comcast, Verizon and Cox all provide anti-virus software free of charge for their customers.

Why would they do that?

Well, if your computer becomes part of a Botnet, which is a collection compromised computers on the internet; it can be used as part of a mass attacks that against websites, banks, corporations, government agencies, and more. So, the more effective ISP’s are at protecting their customers from malware; the easier it is for them to protect their networks.

At the height of its infection, the DNSChanger Botnet included more than 4 million computers in 100 countries; at least 500,000 of them here in the US. While many have been cleaned up since news about the problem and the subsequent FBI arrest of 6 Estonians charged with masterminding it; there are many computers that are still infected.

To make sure yours isn’t one of them; follow the links below.

FBI: How to Find and Remove DNSChanger

DNSChanger: FBI press release

DNSChanger Working Group (DCWG)


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s