If you’re reading this post right now, chances are, you’re not affected by the DNS Changer malware that was set to block people from accessing web sites today, July 9.
So why today, you ask? On Monday (July 9), the FBI will take down the temporary Internet servers that were set up as a stopgap against the threat the DNS Changer malware poses. To understand more, let’s go back to 2007.
In 2007, a group of European hackers created the DNS Changer malware to automate paid-to-click (PTC) advertising schemes. Once your machine, your router, or your ISP’s router is affected by the DNS Changer malware, every time you visit a site you are redirected to one of those PTC sites instead. It’s a process called “clickjacking”, and it has evolved into something that can trick you into giving up your personal details and passwords by redirecting you to a fake phishing website that looks like the site you are trying to visit, such as a banking site.
Last November, the FBI arrested this group and secured and cleansed the fake DNS servers that the malware uses. Come Monday (July 9), they will shut these servers off, which leaves the malware-infected machines with no server to communicate with and thus unable to access anything.
There are only about 300,000 affected machines worldwide, with 46,000 of them in the United States, according to FBI spokeswoman Jenny Shearer.
If you’re wondering whether your machine is affected, you may visit this link from the DNS Changer Working Group (DCWG), which was created to help remediate Rove Digital’s malicious DNS servers under court order.
DCWG also put up a page on how to fix the problem if by chance you find your machine infected. The drawback is that it might take up to a couple of days before the correct DNS is propagated.
Learn more about this story from FBI.gov.