You may or may not have heard about DNSChanger malware (FBI information site or ABC news story), but if your computer is infected it will be obvious after this Sunday. This malicious software, authored by an international cyber ring, was created to reroute infected computers to fraudulent websites. Enter the FBI and Operation Ghost Click. Not only did they take down the criminals responsible, they also put clean servers in place to maintain internet access for affected users once the malicious servers were taken down.
After this Sunday, the FBI plans to shut down the servers that have been keeping infected machines online. Any machines with DNSChanger malware still active will lose internet access. As of July 4, the affected machines still numbered about 46,000 in the US. This particular malware did not discriminate between PC or Apple. Tablets and routers were also affected.
To find out if your computer is infected, visit this website: http://www.dns-ok.us on that machine. If you see a green background, you are all set. If you see a red background, your computer is infected. If you get the dreaded red background, there is good news. The DNSChanger Working Group has put together a page containing tools and a step-by-step guide to fixing your computer. Unfortunately, the fix can get complicated or take time to complete because this is an exceptionally nasty piece of malware that affects the machine’s boot sector.
I urge you to check your computer(s) ASAP, before the Sunday deadline, in case you need to implement the fix before you lose internet access. If you do lose internet access on Monday, contact your internet service provider for further instructions.