Possibly 300,000 – 450,000 people will be without Internet access starting July 9th. Why you ask? Several PCs are infected with a virus called DNS Changer. The virus hides within other software programs. DNS Changer infects your computer once you download and install the program it was hiding in. For example, you could download a program that helps speed up your computer. Unbeknownst to you, inside that program was the DNS Changer virus.
BACKGROUND INFORMATION ON HOW COMPUTERS TALK TO EACH OTHER
We humans are more comfortable with remembering and using words rather than numbers. Computers talk to each other using numbers called an IP address. IP stands for Internet Protocol. Just like every house has its own unique address, every computer on a network or that accesses the Internet has its own unique IP address. An IP address is a group of 4 numbers separated by a decimal.
When you type in www.cnn.com and press enter, the website address gets converted to what the computer is really interested in which is the IP address of the server at cnn.com. The IP address of the server at CNN.com is 126.96.36.199. Once the conversion from letters to numbers takes place, the computers can talk to each other and provide us with the information we ask for. Try it for yourself. Start your web browser and type in 188.8.131.52 and press enter. You should end up at CNN’s website.
Domain Name System (DNS) servers make the conversion from letters to an IP address possible. DNS was invented back in 1983 by the Internet Engineering Task Force. I guess they knew we would be more comfortable typing in letters rather than numbers. Think of DNS as the phone book for the Internet. We type in a web address, DNS looks up the corresponding IP address for the website address we just typed and helps the two computers connectfind each other.
Without DNS servers doing their jobs, the Internet would basically stop.
Now on to the problem that is coming on July 9th.
The name of the virus is DNS Changer. It is a Windows & Mac virus that has been around since 2007. In November 2011, the FBI, working with Estonian Authorities, help bust the Estonian cyber gang behind the malware. It is estimated that over a four-year period, the cyber crooks generated 14 million dollars, largely through click fraud.
THE PROBLEM IT CAUSES
By automatically changing the DNS settings on infected computers or routers, the virus points your computerbrowser to its own malicious DNS servers. Those DNS servers will only allow you to browse to specific sites the virus writers want you to go to. Those sites could be ad sites (the crooks earned money each time you visited ad sites they were affiliated with), malware sites to further infect your computer or spam sites.
THE TEMPORARY SOLUTION
The FBI found out who created this virus and shut them down. Of course they did not know exactly who or how many people were infected before the bad guys were caught. In an effort to help, the government put up good (clean) DNS servers so those people with unknowingly infected computers could still get to the Internet. The FBI has taken steps to identify, find and alert people that may have infected computers. However, I seriously doubt they spent a lot of time tracking down people and thus probably did not actually reach very many to warn them.
THE PROBLEM LOOMING OVER THE HORIZON
Well, come July 9th the government is going to turn off those temporary fix DNS servers. Why? It costs money to keep them up and running and the fix was never meant to be a permanent solution. The FBI has worked with various Internet Service Providers (ISPs) to help them prepare and configure their own DNS servers in an effort to help their customers that MAY still be infected. When the FBI turns off their servers, those people that still have the virus on their computers will not be able to get to the Internet.
WHAT TO DO
Hopefully you are using a good antivirus program (Avast works well for me) and you keep it up to date. Do a complete scan of your computer(s).
For even more information, I urge you to visit the excellent website DNS Changer Working Group (www.dcwg.org) before July 9th.
Know & stay safe,
John L. Jones