What can you tell me about the FBI shutting off the Internet for thousands of users on March 8?
Last year, a group that infected more than 4 million computers worldwide (with an estimated half a million in the U.S.), with what is called the DNSChanger Trojan, was brought to justice.
The Domain Name System is the backbone of the Internet’s address scheme and DNS servers are special computers around the world that act as Internet traffic cops, providing directions to Web sites you wish to visit.
If your computer was infected with the DNSChanger Trojan, you are being sent to a “rogue traffic cop” that would send you into a virtual dark alley to be mugged. It also made sure you couldn’t get to security sites that had tools to help you clean up your computer.
The FBI decided to get a court order allowing them to replace the rogue DNS servers with legitimate stand-ins so all the infected computers wouldn’t get cut off without warning, giving them time to get the word out.
The court order runs out on March 8, so anyone still infected with the DNSChanger Trojan will no longer be able to access the Internet because the temporary DNS servers won’t be online anymore.
So you can see the characterization of the FBI using a kill switch to cut our citizens off from the Internet is pretty inaccurate.
If everyone infected by this Trojan cleans it up before March 8, no one will have a problem, but the infection is so widespread, it isn’t likely to happen.
If you are somewhat technical, you can do a self-check of your computer to make sure you’re not infected by comparing your computer’s DNS setting to the list of rogue DNS servers:
188.8.131.52 through 184.108.40.206
220.127.116.11 through 18.104.22.168
22.214.171.124 through 126.96.36.199
188.8.131.52 through 184.108.40.206
220.127.116.11 through 18.104.22.168
22.214.171.124 through 126.96.36.199
The FBI has published a pretty decent guide to performing the self-check at www.goo.gl/raqfL, but if you aren’t comfortable doing the check yourself, make sure you consult a tech savvy friend or professional to avoid getting cut off on March 8.
If you are infected by the DNSChanger Trojan, the FBI reminds us this malware also disables security updates, which could have further exposed you to other malware. Be sure you have a thorough cleanup performed, and you get caught up on all the missing updates if you find your computer has been compromised.