Saturday, April 21, 2012

DNS Malware Problem to check on


Web could vanish for hordes of people in July, FBI warns
If your computer is infected with the DNSChanger virus, your summertime Internet activities will be seriously curtailed -- as in buh-bye. But a special Web site can help you fix the problem.

by Edward Moyer  April 21, 2012 5:30 AM PDT

The FBI is warning that hundreds of thousands of people could lose their Internet connections come July, unless they take steps to diagnose and disinfect their computers.
The problem is related to malware called DNSChanger that was first discovered way back in 2007 and that has infected millions of computers worldwide.
In simple terms, when you type a Web address into your browser, your computer contacts DNS (or Domain Name System) servers to find out the numerical Internet Protocol (IP) address of the site you're trying to reach, and then it takes you there. DNSChanger fiddled with an infected machine's settings and directed it to rogue servers set up by a crime ring -- servers that handed out addresses to whatever sites the ring chose.

As a U.S attorney said in an FBI press release, the crooks "were international cyberbandits who hijacked millions of computers at will and rerouted them to Internet Web sites and advertisements of their own choosing -- collecting millions in undeserved commissions for all the hijacked computer clicks and Internet ads they fraudulently engineered."
Late last year, however, the FBI disrupted the ring and seized the rogue servers. And since so many infected computers relied on the servers to reach the Internet, the agency opted not to shut them down and instead converted them to legitimate DNS machines.
Running the machines costs the government money, though,so they're being switched off in July. If your computer is infected with DNSChanger then, the Web -- for you -- will no longer exist.

The DNSChanger Working Group (DCWG), the body set up to oversee the servers, has created a Web site to help you diagnose your machine and, if necessary, remove DNSChanger. You can check it out atwww.dcwg.org. And it's probably not a bad idea to do so sometime before, say, July 8 (the DCWG says the servers will be shut down the following day).