Why a Quarter-Million People Around the World May Lose the Internet Monday
The malware is called DNSChanger, and it was the centerpiece of an Internet crime spree that came to an end last November when the FBI arrested and charged seven Eastern European men with 27 counts of wire fraud and other computer crimes. At one point, the DNSChanger malware had hijacked the Internet traffic of about a half-million PCs around the world by redirecting the victims’ Web browsers to Web sites owned by the criminals. They then cashed in on ads on those sites and racked up $14 million from the scheme. When the crackdown came, it was hailed as one of the biggest computer crime busts in history.
But the FBI ended up doing something unusual: It took over the network the criminals had created and thus kept those infected machines up and running. Next week — July 9, to be exact — the FBI will pull the plug on that DNS Network.
If you don’t want to lose your Internet connectivity when that happens, the first thing to do is check to see if your machine is affected. You can do that here. If you see green, you’re good. If red, go here for tips on how to clean up your machine. From there, reset your machine’s DNS settings. It’s a pretty good idea to use a service like OpenDNS, or Google’s public DNS service, to handle your DNS queries. Usually, DNS settings are handled automatically by your ISP, but third-party DNS services can be a little snappier and more up to date, and will also help guard your machine against security threats.
Also, if you run a Web site, it might be worth your while to warn your users to check if they’re infected. In May, Cloudflare, the Web security start-up I wrote about last year, had teamed up with OpenDNS to help Web publishers warn their users about the infection.
Despite those efforts, some 64,000 people in the U.S. and 200,000 more outside the U.S. are still infected and will likely lose their connections on Monday through no fault of their own.