Malware Monday: Internet Blackout Coming for Thousands

Malware Monday: ‘DNSChanger’ Malware Could Strand Thousands When Domains Go Dark on Monday

Staff Report

WASHINGTON, DC - As many as 70,000 people in the United States could lose their access to the Internet next Monday. Millions of computers around the world were infected by the DNSChanger malware in an attempt by malicious hackers to make money. The FBI busted up the virtual gang, but they had to put temporary measures in place for the tens of thousands of infected computers around the world.

According to Wired magazine, "the malware also prevents infected machines from downloading operating system and antivirus security updates that could detect the malware and stop it from operating. When an infected user's machine tries to access a software update page, a pop-up message says the site is currently unavailable."

Two Internet servers that were set up to tackle the problem temporarily will be shut down by the FBI at 12:01 a.m. EDT Monday, July 9, 2012. The good news is that you can check to see if your computer is infected before then so you do not lose Internet service next week.

Citizens can check www.dcwg.org to automatically find out if their computer is infected or not. The website also gives information on the steps needed to be taken to remove the malware. The FBI has released a PDF explaining the problems (and fixes) that you can download here.

Back in November of 2011, U.S. prosecutors told the public about Operation Ghost Click. This busted a ring of cyber criminals who had infected millions of computers with malware - DNSChanger.  Basically, the malware changed the DNS settings of the infected computer, sending your Internet traffic to a fake DNS server.

The FBI put a new nameserver in place, but they will be taking that down on Monday, which means the tens of thousands of people who are still infected will not be able to connect to the Internet on Monday.