Connect to share and comment
DNS-Changer malware could potentially kick thousands off web on Monday.
Hundreds of thousands of Internet users worldwide could be without Internet access on Monday due to a clever Estonian-engineered "malware" virus, according to the FBI.
Will your computer be among the afflicted?
The indisputably clever DNS-Changer software was created by a ring of Estonian criminals. The group engineered the malware to redirect users computers from the DNS (domain-name-server) servers they chose to search for, to "rogue" servers manufactured by the miscreants, according to the FBI.
The US has charged six Estonians and a Russian culprit in the orchestration of the worldwide Internet fraud, and two of the men have been extradited to New York, where they appeared in Manhattan federal court. The Russian suspect is still at large, Reuters reported.
Though there has been concern over Monday's shutdown, experts consider the virus' threat to be a small one, especially when compared to viruses like Zeus and SpyEye, used to commit financial fraud on millions of PCs, according to Reuters.
A user attempting to pull up iTunes might be directed to a fraudulent website selling Apple products, according to Mike Orcutt of the Technology Review; another might simply see fraudulent advertisements. Most insidiously, it's almost impossible for average users to tell if they have been infected.
Read More: Detailed FBI information on how DNS-Changer works, and what to do about it
According to FBI sources, DNS-Changer now affects around 275,000 computers worldwide, including 45,355 in the United States, according to Reuters. The FBI, in a superbly-titled action called "Operation Ghost Click," shut down the crime ring in November 2011 - but unfortunately, the DNS-Changer malware has proved a lot harder to stomp out.
To buy IPs time, the FBI and the Internet Systems Consortium worked together to provide a temporary fix, re-re-routing the fraudulent traffic. During this period, your Internet service provider was supposed to contact you and inform you if your computer was among the affected. Google and Facebook have also alerted some potentially affected users.
The temporary fix will be shut off on Monday - meaning users whose ISP's haven't managed to inform them of the infection yet could be in for a very inconvenient start to their work-week.
So how to know if your computer might be among the affected?
Users worried about their machines can use this Australian web-site or this FBI page to check out their systems. False-positives are possible if your machine is already having its IP re-routed to mitigate the effects of DNS-Changer.
If your computer is affected, it's wise to first visit the FBI's website and register as a victim of the malware crime ring. The DNS Changer Working Group has an informative website that lists utilities and fixes for the DNS-Changer malware.
Just remember to check out these online fixes before Monday, or you might be in for a world of disconnected hurt.