Wednesday, April 25, 2012

July 9: Doomsday for Your PC or Mac If It Has This Malware

There’s a trojan out there that tricks computers — both PCs and Macs — into redirecting all their Internet traffic through malicious servers. Even though the trojan’s creators have been stopped and arrested, millions of PCs could still be infected. For those machines, the Internet will cease to exist on July 9.
The reasons are technical, and they go back to 2007. That was the year the trojan first surfaced, according to PC World. The malware, which can infect both Windows and Mac computers, essentially creates a botnet by changing how the machine accesses DNS.
DNS (Domain Name Service) is how the web organizes its addresses. It’s the system that lets you simply type in “” instead of some kind of long and incomprehensible IP address filled with letters, decimals and numbers. Your computer talks to a DNS server operated by your Internet Service Provider (ISP) to find all the websites that you visit every day.
The trojan, called DNS Changer, redirects your computer’s DNS queries from your ISP’s server to one created by the trojan’s creators — essentially hijacking all Internet traffic from your machine. That way, the bad guys can send you to hacker-created websites filled with ads whenever they want.
The good news: The FBI shut down the operation, called Rove Digital, last November when they arrested six Estonian nationals behind the botnet and shut down their malicious servers. To ensure infected computers wouldn’t be cut off from the Internet entirely, the FBI set up its own DNS servers.
The bad news: Those friendly servers will soon be shut down. They were originally going to run only four months, but a judge ordered an extension of their operation until July 9 since it’s estimated that hundreds of thousands of computers are still infected.
If a machine still has the trojan and tries to access the web on July 9, it won’t be able to access anything. With Internet access cut off, it would be very inconvenient to download and install anti-virus software.
If you suspect you’re infected, go to the DNS Changer Check-Up website, which should let you know if your computer’s DNS is working properly. Should your machine test positive, an organization called the DNS Changer Working Group has a list of anti-virus tools for cleaning it up. The FBI has an even more comprehensive to-do list.
Even with the extra time and cleanup tools, however, it’s likely a few machines will slip through and not get the update by July 9. What do you think should happen to reach those computers in time? Sound off in the comments.

Jason Kiwaluk
