FBI Steps Up ‘Internet Doomsday’ Awareness Malware Campaign
By Jared Newman
PC users infected with a strain of malware called DNSChanger will face their own personal Internet doomsday in July unless they disinfect their computers, the FBI warns.
Users have until July 9 to rid themselves of the DNSChanger malware, which can infect Windows PCs and Macs alike. After that, the FBI will throw a switch that prevents infected computers from accessing the Internet.
It’s not as Big Brother as it sounds. DNSChanger is a Trojan that surfaced in 2007 and infected millions of machines. The malware would redirect computers to hacker-created Websites, where cyber-criminals sold at least $14 million in advertisements. DNSChanger also prevented computers from updating or using anti-virus software, leaving them vulnerable to even more malicious software.
Last November, in one of the biggest cybersecurity takedowns ever, the FBI arrested six Estonian nationals that allegedly ran the clickjacking fraud, and seized the rogue DNS servers where infected users were being redirected. The FBI has put up surrogate servers in place of the malicious ones, but only temporarily.
Now, the FBI wants to shut down those servers. Doing so would prevent infected PCs from reaching the Web, because they’ll be trying to redirect through servers that no longer exist. Although the Feds aren’t shutting down the Internet, they will be severing the link on which infected users have relied.
If users don’t rid themselves of DNSChanger before the July 9 server shutdown, they’ll have to load anti-virus software on their computers by disc or USB drive. That could be a major headache for users who don’t have access to a second PC for downloading anti-virus software.
To find out if you’re infected, visit the DNSChanger Check-Up site, which checks the DNS resolution of your PC without installing any additional software. For infected users, the DNSChanger Working Group has a list of anti-virus software that can fix the problem, and Avira offers a repair tool specifically for DNSChanger.