Tuesday, February 21, 2012

Truth About the March 8 Internet Doomsday

"Heard the one about the FBI shutting down the Internet next month?

"...an untold number of people may lose their Internet connection in less than three weeks, if they do they only have nefarious web criminals to blame and certainly not the FBI.
"If people end up in the dark on March 8 it’s because they’re still infected with the malware the FBI started warning people about last November when it shut down a long-standing Estonian Web traffic hijacking operation that controlled people’s computers using a family of DNSChanger viruses. The malware works by replacing the DNS (Domain Name System) servers defined on a victim's computer with fraudulent servers operated by the criminals. As a result, visitors are unknowingly redirected to websites that distributed fraudulent software or displayed ads that put money into the bad guys’ pockets.

"To help protect victims, the FBI replaced the rogue servers with legitimate ones -- a measure the agency said would be in effect for 120 days. Had it not taken that step and simply shut down the bad servers back in November, infected computers would have been immediately blocked from Internet access....The malware also prevents security updates and disables installed security software.
"So the current problem isn’t that the FBI will be shutting down the Internet when the 120 days runs out on March 8, it’s that many people and organizations haven’t removed the malware from their computers. In fact, as many as half of Fortune 500 companies and government agencies are delinquent in updating, according to some reports.
"...The FBI ...does offer a resource paper [PDF] with guidance...
"As another alternative, you can use the free Avira DNS Repair Tool to figure out if a computer is using one of the temporary DNS servers. Unfortunately, the tool only works on Windows and doesn't actually remove the Trojan.
"Indeed, removing the malware is a challenge...
"To get help, network administrators can send a request to one of the members of the DCWG and home users can use the step-by-step instructions at the DCWG Web site to see if they’re infected with the DNSChanger malware...

No comments:

Post a Comment