DNSChanger Server Fix to End Monday: Are You Infected?

(Ping! Zine Web Tech Magazine) – When the U.S. FBI circled in on spammers running malware known as DNSChanger last year, it faced quite the dilemma: Knock infected internet users’ computers offline by simply disabling the malware’s servers or buy some time by rerouting their service activity to new ones.

DNSChanger had succeeded in forcing its victims’ computers to become reliant on “rogue” DNS servers, a scam operation that would direct the systems to websites advertising phony services and products. So exactly how did it work?

“When users of infected computers clicked on the link for the official website of iTunes, for example, they were instead taken to a website for a business unaffiliated with Apple Inc. that purported to sell Apple software,” commented the FBI in November when discussing the issue.

Cyber criminals allegedly succeeded in making millions in illegal profits. Four million were hit with the malware. In just the U.S., 500 thousand users received the virus. Making its decision, the FBI decided to go with option two by setting up legitimate servers in place of the rogue ones, thus rerouting infected systems to a stable platform.

However, the bureau never intended for the plan to be permanent. In the months following the November indictment of the scammers behind DNSChanger, the government worked to help those possibly infected clean their computers, even providing links for “DNSChanger Check-UP sites” through forms.fbi.gov.

The FBI will pull the plug on the servers set up in place of the rogue ones on Monday, a move that could prove disastrous for some users who failed to remove DNSChanger. In effect, malware victims could have trouble accessing the web. There is a plan in place, however, to help. FBI supervisory special agent Tom Grasso indicated in a report from USA today that many Internet service providers are ready to assist customers with any problems.