Have you heard that FBI might shut down the Internet next month?
Like many question before it, this desperate warning is floating around blogs and sites. It even names a date: March 8 as the day the FBI might
shut down the Internet.
But dude common Relax, that’s not really the case.
While yes, an untold number of people may lose their Internet connection in less than three weeks, if they do they only have vicious web criminals(hacker) to blame and certainly not the (FBI).
If people end up in the dark on March 8 it’s because they’re still infected with the malware called DNScharger.
This malware works by replacing the DNS (Domain Name System) servers defined on a victim's computer with fraudulent servers operated by the cyber criminals. As a result, visitors are unknowingly redirected to websites that distributed fraudulent software or displayed ads that put money into the bad guys’ wallet.
The worst thing about this malware is: it can also prevents security updates and disables installed security software.Due to this FBI decided to replaced the rogue servers with valid ones to help protect victims
The FBI started warning people about last November 2011 when a family of DNScharger vruses shut down a long-standing Estonian Web traffic hijacking operation that controlled people’s computer.
The agency said this would be in effect for 120 days. Had it not taken that step and simply shut down the bad servers back in November, Only infected computers would have been immediately blocked from Internet access.
So the current problem isn’t that the FBI will be shutting down the Internet when the 120 days runs out on March 8, it’s that many people and organizations haven’t removed the malware from their computers. In fact, as many as half of Fortune 500 companies and government agencies are delinquent in updating, according to some reports.
So the current problem isn’t that the FBI will be shutting down the Internet when the 120 days runs out on March 8, it’s that many people and organizations haven’t removed the malware from their computers. In fact, as many as half of Fortune 500 companies and government agencies are delinquent in updating, according to some reports.
So how do you know if your computer or router is infected with DNSChanger?
FBI says:
FBI says:
the best way to know is to have them checked out by a computer professional,
which admittedly isn’t very helpful.
However, it does offer a resource paper [PDF] with guidance to make that DYI yourself, although even if you find out your system is infected the FBI says you still need a pro to scrub your machine.
However, it does offer a resource paper [PDF] with guidance to make that DYI yourself, although even if you find out your system is infected the FBI says you still need a pro to scrub your machine.
Another alternative is you can use the free Avira DNS Repair Tool to figure out if a computer is using one of the temporary DNS servers. Unfortunately, the tool only works on Windows and doesn't actually remove the Trojan.
KrebsonSecurity also notes that the industry and law enforcement group DNSChanger Working Group (DCWG) has a site that can help people check whether their systems are infected.
Need help? network administrators can send a request to one of the members of the DCWG and home users can use the step-by-step instructions at the DCWG Web site to see if they’re infected with the DNSChanger malware.
If you determine your system is infected you can reinstall your operating system, if you want to remain online after March 8.