Skip to comments.Web could vanish for hordes of people in July, FBI warns
Posted on 04/26/2012 2:30:18 AM PDT by Las Vegas Dave
The FBI is warning that hundreds of thousands of people could lose their Internet connections come July, unless they take steps to diagnose and disinfect their computers.
The problem is related to malware called DNSChanger that was first discovered way back in 2007 and that has infected millions of computers worldwide.
In simple terms, when you type a Web address into your browser, your computer contacts DNS (or Domain Name System) servers to find out the numerical Internet Protocol (IP) address of the site you're trying to reach, and then it takes you there. DNSChanger fiddled with an infected machine's settings and directed it to rogue servers set up by a crime ring -- servers that handed out addresses to whatever sites the ring chose.
As a U.S attorney said in an FBI press release, the crooks "were international cyberbandits who hijacked millions of computers at will and rerouted them to Internet Web sites and advertisements of their own choosing -- collecting millions in undeserved commissions for all the hijacked computer clicks and Internet ads they fraudulently engineered."
Late last year, however, the FBI disrupted the ring and seized the rogue servers. And since so many infected computers relied on the servers to reach the Internet, the agency opted not to shut them down and instead converted them to legitimate DNS machines.
Running the machines costs the government money, though,so they're being switched off in July. If your computer is infected with DNSChanger then, the Web -- for you -- will no longer exist.
The DNSChanger Working Group (DCWG), the body set up to oversee the servers, has created a Web site to help you diagnose your machine and, if necessary, remove DNSChanger. You can check it out at www.dcwg.org. And it's probably not a bad idea to do so sometime before, say, July 8 (the DCWG says the servers will be shut down the following day).
In order to assist victims affected by the DNSChanger malicious software the FBI obtained a court order authorizing Internet Systems Consortium (ISC) to deploy and maintain temporary Clean DNS servers. The solution is temporary and intended to buy time so that victims can clean affected computers and restore their normal DNS settings. For more information on DNSChanger visit the FBIs Operation GhostClick Information Page.
Of possible interest to the ping lists..
Ping for later.
It would have been more useful to have the DNS machines route everything to a web site which displayed a page telling you that your machine is infected, and directing you to an Apple or MS site with instructions on how to fix it.
Thanks for posting this. Very interesting. I just checked all my computers and got the green on all of them.
But FR will still be up. :’) Thanks LVD.
Yeah I got that green screen thing too...but did you read the fine print?
It said you could still be infected....
Ugh....just like the government what a waste of effort.
I’d rather work with MS or Apple (yes, I have both) to resolve a real problem, should it occur, than let the government scan my hard drives.
I just followed the instructions on checking your system by examining the Windows7 configurations. That, along with the checker sites, should do the trick.
Thanks for the information!
Too friggin’ brilliantly simple. Therefore the government will never do it.
I’ll always take these advisories seriously after getting pummeled by Conficker on about 30 machines.
Might mean a little extra cash on the side though.
For the Horde!
That would have required someone with knowledge of how the web works in order to implement. One single DNS entry and a webserver with Apache rewrite rules. This is apparently too much for the gnomes at the FBI.
Does anyone else think there is a lot of weirdness going around today?
1. Muslim sex with dead wives.
2. Navy naming a ship after Harvey Milk.
3. Doomsday computer warnings.