Sunday

The 'DNS Changer' Deadline

You have probably heard about the "DNS Changer" malware and something about a "deadline" - so what's it all about? Well, DNS refers to the method computers use to figure out which web site you want to go to.




Computers don't "know" what www.google.com means, but they do know what an IP address of 173.194.69.99 represents (of course, it's easier for us to remember www.google.com, which is why DNS is there in the first place). The Internet uses DNS Servers, computers that respond to lookup requests and provide the correct IP address for a given domain name (like Google.com).


So, if computers use DNS as a sort of Yellow Pages, what happens if DNS is mucked up? Well as you may guess, you would end up on the wrong site. The DNS Changer malware would point the infected computer to one of several bogus DNS servers, which could then direct your searches and so on to dodgy websites, running various scams and money-making tricks.


Once this ruse was discovered, the bogus servers were replaced with legitimate ones, so that even though the computers were actually still infected, they could now get to the correct sites.  The FBI handled this as part of Operation Ghost Click.


The deadline part is due to the fact that the FBI is taking these replacement servers offline on July 9th. So if you computer is infected, after July 9th your Internet connection will be messed up; you won't see your search page and Internet connected applications will likely not work.


Google, Facebook and some Internet Services Providers are making attempts to alert users who appear to be connecting via infected computers - but I would not rely on just that. At it's peak over 4 million computers were infected, so, now - today - is probably a good time to:


1 - check if you have the infection
2 - clean it up


Visit the DCWG site (DNS Changer Working Group) for details.

No comments :