Monday will bring a massive consequence to Internet users who have not heard about or who have chosen to ignore the threat of DNSChanger and may be infected.
Spearheaded by the FBI, the initiative to block all infected computers from the Internet on Monday will result in the inability to access the Web and anything having to do with it. This means that infected computers will not be able to check email, watch Internet videos or even connect to the service.
DNSChanger is a malicious software (malware) program that infects an Internet user’s computer by disguising itself as a Trojan Horse, which means that it hides itself within “trusted” downloadable programs and then unleashes havoc once the program is installed.
This malware can be most relatable to a phishing scam, except that its threat is more elevated. In a phishing scam, a computer user is usually presented with a link to a bogus website that looks trusted, secure and safe. If a user follows the link to the fake website and inputs any information into it, hackers who created the site are instantly and irreversibly able to collect that login info and use it in their favor.
DNSChanger is more serious than a phishing scam because the malware doesn’t require you to follow a false, dangerous link. Instead, the virus simply redirects you to a malicious site as soon as you press Enter after typing an address in your browser’s URL. In other words, all the hackers need is for you to have an infected computer and visit a site you trust. From there, their program does the rest as you are sent to a duplicate site created by the hackers. The criminals then make their money (over $14 million) from users clicking on fake ads or entering their credit card info.
First appearing in false programs distributed on pornographic sites that claimed they needed to be installed before viewing content, the virus has infected millions of computers since its discovery in 2007. Of the infected computers, more than 500,000 were — and are — in the US.
Since the FBI’s successful operation that arrested six Estonian hackers believed to be the core of the issue, many “rogue” fraudulent servers have been shut down and/or replaced. This means many computers that still have the virus are now going to the correct websites, but that doesn’t mean those users are out of the woods yet.
The best thing to do about the issue is run a virus scan on your computer. While paid programs like Norton Antivirus are the highest-rated overall, there are some free programs that work just as well, but may offer a few less features. AVG Antivirus 2012 and Avast are among the top free antivirus programs available through the Internet. Numerous other services have been suggested by the FBI to help instantly check to see if your PC is infected; it usually takes less than 2 seconds to find out.
James Davis, the IT CIO at Iowa State, said McAfee and Norton are comparable in terms of virus-stopping power.
“Our security group has been discussing this national issue, and some of the university’s employees like Doug Jacobson have been following it closely,” Davis said.
With the right precautions, this slowly-dying virus will dissappear even faster the more that the general public is aware of its threats. In the meantime, every computer user should make sure to scan their system before Monday.