Slow Computer? How About Stopped Computer?
Paul Watson, PC Technician Friday, April 27th 2012
FBI Busts Malware Ring
Late last year, the FBI busted a small group of hackers operating outside of the United States who were running an operation designed to take advantage of a flaw in Internet Explorer. The flaw and malware redirected user’s website requests and sent unsuspecting users to a site run by the hackers instead. The hackers made millions off of ads sold on the site and viewed by hijacked users.
In some cases, infected computers were also prevented from updating their anti-virus software, which in turn, made the computers more vulnerable to other kinds of malware attacks. About 500,000 computers in the United States were affected by the malware, called DNSChanger.
At its core, DNSChanger reassigned users’ DNS server to one of its own, thereby forcing the computer to travel through the hackers’ illegal ad servers. When the FBI made its arrests, it substituted clean, working DNS serviers for the rogue DNS servers operated by the ring. The FBI recently announced, however, that those clean DNS servers will be shut down on July 9, 2012.
The FBI’s rationale for substituting the servers in the first place was to give affected users time to clean and patch their systems. Some users, however, may be completely unaware that their computers are affected by the malware. Unless these users determine they’re infected and take steps to fix their problems prior to July 9, the affected users will suddenly find themselves unable to access the Internet after the July 9 server shutdown.
To help avoid major slowdowns, users should visit a special website set up by the FBI to see whether their computer is using the FBI’s DNS server. The website address is http://www.dns-ok.us/. Users who visit the site will be shown their DNSChanger status. If the website displays an image with a green background, the user’s computer is not affected by the malware. If the user’s computer displays a red background, the user must take additional steps to reconfigure/clean his or her computer prior to July 9.
At this site, visitors can also find a more complete explanation of the problem, how it originated and what affected users must do to clean their computers.
Photo Credit: Steve A. Johnson, via Flickr