On Monday Internet access will be blocked for thousands of people around the world. This isn’t an urban myth, instead this is the result of computer hackers in Estonia who were nabbed by an FBI sting last year. Since 2007, the thieves infected 4 million computers in over 100 countries, including 500,000 computers in the US. The hackers collected over $14 million dollars until they were caught by the FBI.
These hackers created malware called DNSChanger that redirected Internet traffic through their servers. DNS stands for Domain Name System. DNS takes an Internet address and directs the computer to the proper server so when you type in an address such as google.com, your computer heads to Google’s home page. But the malware redirected computers to malicious websites that looked like real websites.
When the FBI caught the hackers, it intended to shut down the servers immediately but realized that those people who were infected by DNSChanger would be cut off from the Internet if the servers were shut down. So the FBI activated temporary replacement servers to give people a chance to debug their computers. But on Monday, July 9, called “Internet Doomsday” by the media, those temporary FBI servers will be shut down for good.
Think of it like a road trip. Hackers sent traffic on a detour through their tunnel so they could rob from the travelers. The FBI was going to shut down the tunnel but then realized that travelers would hit a dead-end. So the FBI replaced the tunnel with a temporary tunnel that will be open until Monday. After Monday the temporary tunnel will be closed and those still infected with the malware will hit the dead-end and won’t be able to connect to the Internet.
What You Need to Know
- The malware spread worldwide. About 300,000 computers were found be infected as of June 11, including 58,000 in the US.
- The malware hit both computers and routers.
How to Test to See If You’re Infected
To see if you’re infected, go to this website if you’re in the US: DNS Checker. Make sure to check this from each of your computers and from your home router. To check your computer in other countries, visit this website: Check Your DNS.
If you see the screen above, your Internet should not be blocked on Monday. If you get a red screen, either your computer or your router is infected.
Note that if you get a green screen, you may still be infected with DNSChanger. Some Internet service providers anticipated problems with the FBI’s solution and rerouted their Internet traffic. In the analogy I used above, some Internet service providers built their own tunnels so detoured traffic wouldn’t hit a dead-end on Monday.
What to Do If You’re Infected
If you believe your computer has been infected, check out this site: How to Detect and Fix a Machine Infected with DNSChanger, which will help you find out if your computer is infected and how to repair it.
If your computer isn’t infected, your router still may be. Check out this site if you suspect that your router is infected: How to Find, Remove DNSChanger From Your Router.
If you believe your computer is infected and you need help, check with a computer specialist. If find out that your router is infected, contact your Internet service provider so they can help you debug your router.
Make sure to keep an eye on your bills and your bank statements to make sure your financial data wasn’t hacked.
You can find additional information from the FBI website.
Check now to see whether you have been infected by the DNSChanger malware. If you find that you can’t access the Internet on Monday, consult with your Internet service provider or a computer service professional to regain access to the Internet and clean your computer.
Have you heard about Internet Doomsday? Have you checked your computer? Let us know in the Comments section below.
* Cyber Attack image by marsmet 501