For perhaps 64,000 computers in the United States and 300,000 worldwide, the Internet will go dead starting Monday. The story is rather complicated, but at its bottom is a piece of devilment named the DNS Changer Trojan. Here you can find out if your Internet connection is set up for a KO punch and, if so, what you can do to sidestep it.
First, let’s put the problem in perspective. According to one source, there are more than 1 billion computers in the world—which means the odds of not being infected are vastly in your favor.
Now some facts about the villain of this piece. The DNS Changer is nothing new—it has been around since 2007—but compromised computers will not lose the Internet until Monday. We’ve assembled some articles here that offer details.
The Los Angeles Times on Saturday wrote about the malware, and PC Magazine also has shed some light (click on “Read more” to see the entire PC Mag article).
As PCMag previously reported, computers infected with the DNS Changer Trojan have been using rogue DNS servers instead of the default servers specified by their company and Internet service provider. DNS servers act as a phone directory for the Internet, translating domain names (say, PCMag.com) to the server’s numeric address, and routing users to the correct website. The cyber-gang behind the malware was using rogue DNS servers to direct users to alternate sites.
After the gang was arrested in 2011, the Federal Bureau of Investigation obtained a court order allowing it to operate DNS servers with those IP addresses so that infected computers could remain online while they got cleaned up. The original cleanup deadline was in March, but it has been extended to July 9. On Monday, that court order will expire and the servers will be shut down, leaving infected computers with no DNS server to send their Web requests to.
Here’s ABC News’ take:
“The malware problem out there is nasty, and it’s impacted society on multiple levels,” Greene said. “It’s extremely hard to get rid of. In most companies, if they get infected with it, they throw away the hard drive.”
If you can’t do that, follow the instructions. They include backing up your files and reinstalling your operating system.
...The FBI and DCWG recommend contacting your Internet service provider. They’ll be able to give you instructions on what to do next.
You can quickly and easily find out if your computer has been hit by the DNS Changer by clicking here. Green means your computer is clear; red signifies it is infected.
If you get red, don’t panic. There are ways to restore your computer to the right condition, some of them offered by the DNS Changer Working Group, which has put out a comprehensive guide to show you how to “fix, remove, and recover.” But don’t expect a quick cure in every case. Good luck.
—Posted by Tracy Bloom
The check-up page of the DNS Changer Working Group.