The criminals behind the Malware virus, referred to as the “DNS Changer Malware” were arrested on November 8th by the FBI, the NASA-OIG and Estonian police. In the raid which was part of “Operation Ghost Click”, the agencies shutdown the operation which was using DNS servers to re-route internet traffic to websites other than those intended by the user.
Essentially, when a user types a web address into their computer, the request goes to a DNS (domain name server) which takes the web site name, matches it to the corresponding numerical address (IP address) on the internet, and then forwards the user to that web site. In the scheme the hackers put a malware virus on over half a million computers which directed all internet requests to their DNS server which then routed the user to sites from which the criminals were able to profit.
The FBI has been maintaining the rogue DNS servers in order to maintain internet connections for those users affected. They have of course fixed the proper routing issue. As of this Monday, July 9th however, the servers will be taken off line. Those computers still infected, and therefore still reaching out to the rogue servers, will not be able to connect to the internet until the malware is removed.
The see is your computer is infected; the FBI recommended free web site does not need to actually scan your computer. Instead the web site simply checks your computer’s request when it connects to the web site to see if it is making a request to one of the rogue DNS servers, currently under FBI control. If it is infected, the web site explains the steps to remove the malware. To check your computer, simply go to http://www.dcwg.org/ and then click on the link in the table that applies to your country and language.
More informationabout the DNS Changer Malware virus can be found in a related article on our web site by clicking here.