It’s something of a 21st Century nightmare — headlines are declaring that come Monday morning, thousands of people could wake up to a startling lack of Internet access all because of a crafty bit of malware. How chilling!
Well, it would be more chilling if people hadn’t had plenty of advance warning. What’s more, the steps to detect and eliminate that malware — unimaginatively called “DNSChanger” — are relatively simple, so less-than-tech-savvy folk out there can take care of business without too much outside assistance.
But first, a little background. The whole sordid story began back in 2007 when DNSChanger first started making the rounds. As its name implies, one of DNSChanger’s primary functions was to fiddle with an infected computer’s DNS settings in such a way that users who attempted to surf the web would be re-routed to fraudulent sites instead. To cover its tracks, DNSChanger also prevented infected computers from accessing sites where they could download antivirus and OS security updates that would clean things up.
That being the case, users could still get online, but their view of the Internet was a bit different from ours — the group operating the servers were able to earn a considerable chunk of money by sending people to malicious sites and raking in the ad revenue. The seven men behind the widespread scam reportedly managed to score around $14 million in ill-gotten funds before they were arrested in late 2011. Interestingly, the FBI and Germany’s Information Security Agency made some adjustments and left the system running because of the number of people who would’ve been affected by pulling the plug outright.
You can guess where this is going — that plug finally comes out on July 9, which means anyone who hasn’t yet made the fix will be unable to watch their daily dose of cat videos on YouTube.
Thankfully, the process of getting yourself all squared away is terribly simple — if you haven’t yet, check this site provided by the DNS Changer Working Group to see if you’ve got anything to worry about. On the off-chance that you are infected, the working group also refers to a handful of tools to clean things up, though some seem simpler than others.
And that’s all there is to it. If your machine was infected though, there’s a pretty good chance that someone else has already tried to tell you about it. Google began displaying warning messages to users they believed were affected by the DNSChanger malware in their search results back in May, and Facebook decided to do something similar one month later.
Exactly how many computers are infected by DNSChanger remains unclear at this point — the FBI pegs the number of infected at around 275,000, while some estimates reach as high as 300,000. Either way they’re not inconsiderable figures, especially considering that nearly 70,000 of those computers are reportedly based in the United States. That said, most of you savvy TechCrunch readers have probably dodged the DNSChanger bullet with ease, but it’s still worth passing the word along to the less tech-savvy folks in your lives just to be safe.