On Monday morning, approximately 300,000 computers will lose Internet connectivity due to the DNSChanger malware. The DNSChanger malware, which manipulated DNS settings to replace good DNS servers with rogue servers, redirected unknowing users to webpages filled with advertisements in order to generate illegal profits. Prior to being arrested by the FBI in November of 2011, the six Estonian hackers behind DNSChanger netted over $14 million!
Following the arrests, the FBI took the unusual step of hiring private contractors to prevent millions of worldwide Internet users from immediately losing connectivity. The contractors were able to prevent the service interruption by replacing the malicious servers with clean DNS servers. However, due to the resources required for the DNS servers, the FBI has decided to shut down the clean DNS servers at 12:01 A.M. EDT on Monday, July 9th.
To determine if your computer is one of approximately 300,000 computers still infected with the DNSChanger malware, simply follow the instructions below:
- Visit the FBI recommended diagnostic site.
- If you are presented with a green background (pictured above), your computer is free of malware. If you are presented with a red background, your computer is infected with the DNSChanger malware.
- If your computer is infected, simply visit the “Fix” page and follow the removal instructions or install one of the free malware removal tools.
- If you are experiencing an Internet connectivity problem after July 9th and you suspect your computer is infected, contact your ISP for assistance.