BBB warns of DNS Changer Virus

Published 12:00 am Tuesday, July 3, 2012

Internet access dominates our lives. People use the Internet for work, for school, to play games, and of course, to interact on social media sites. The BBB is warning individuals and small businesses about the DNS Changer Virus that you may have picked up without knowing it.
The FBI identified the DNS Changer Virus last year as originating from Estonia. Although the perpetrators were from a foreign country, the FBI obtained a court order to temporarily take down the websites that were involved in spreading the virus. The injunction expires on July 9, and the websites spreading the virus will be online again.
“There are some online bloggers who refer to July 9 as ‘doomsday’ for the Internet,” said BBB President Tom Bartholomy. “The truth is that losing Internet access, even for a short time, could be disruptive.”
The BBB advises small businesses and families to check for the virus on all of the computers in their homes and offices before July 9. The FBI has developed a simple tool you can use to determine if your computer is infected.
Here’s what you need to do:
1) Go to the FBI DNS Virus Checker: https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
2) Click on the link that is in the column under URL and ENGLISH.
3) If your computer is fine, it has not been infected.
4) If your computer is infected, you will be given instructions on how to find the virus and remove it before July 9.
DNS (Domain Name System) is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other. When you enter a domain name, such as www.fbi.gov, in your web browser address bar, your computer contacts DNS servers to determine the IP address for the website. Your computer then uses this IP address to locate and connect to the website.
DNS servers are operated by your Internet service provider (ISP) and are included in your computer’s network configuration. DNS and DNS servers are a critical component of your computer’s operating environment. Without them, you would not be able to access websites, send e-mail, or use any other Internet services.
Criminals have learned that if they can control a user’s DNS servers, they can control what sites the user connects to on the Internet. By controlling DNS, a criminal can get an unsuspecting user to connect to a fraudulent website or can interfere with that user’s online web browsing. One way criminals do this is by infecting computers with a class of malicious software (malware) called DNSChanger. In this scenario, the criminal uses the malware to change the user’s DNS server settings, replacing the ISP’s good DNS servers with bad DNS servers operated by the criminal. A bad DNS server operated by a criminal is referred to as a rogue DNS server.
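The check this implies, shown as an added example that does not come from the BBB or the FBI: read the DNS servers a computer is configured to use and flag any that fall inside a list of rogue ranges. The ranges and the sample settings below are constructed placeholders, because this article does not list the actual rogue server addresses.

```python
import ipaddress
import re

# ASSUMPTION: placeholder ranges taken from documentation-only address space.
# Replace them with the rogue DNS ranges published by the FBI or your ISP.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "203.0.113.0/25")]

# Constructed samples of the two common places resolver settings are shown.
SAMPLE_RESOLV_CONF = """\
# generated by dhcp client
nameserver 192.0.2.53
nameserver 198.51.100.10   # ISP resolver
search example.net
"""
SAMPLE_IPCONFIG = """\
   DNS Servers . . . . . . . . . . . : 203.0.113.7
                                       198.51.100.10
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

def _parse_ip(token):
    try:
        return ipaddress.ip_address(token.strip().split("%", 1)[0])
    except ValueError:
        return None

def extract_resolvers(text):
    """Return resolver IPs found in resolv.conf- or ipconfig-style text."""
    resolvers, in_dns_block = [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        unix = re.match(r"nameserver\s+(\S+)", line)
        win = re.match(r"DNS Servers[ .]*:\s*(\S*)", line)
        if unix or win:
            token, in_dns_block = (unix or win).group(1), bool(win)
        elif in_dns_block:
            token = line  # ipconfig puts extra servers on bare continuation lines
        else:
            continue
        ip = _parse_ip(token)
        if ip is not None:
            resolvers.append(ip)
        elif not win:
            in_dns_block = False  # first non-address line ends the DNS block
    return resolvers

def audit(text, rogue_ranges=ROGUE_RANGES):
    """Map each configured resolver to True if it sits inside a rogue range."""
    return {str(ip): any(ip.version == net.version and ip in net for net in rogue_ranges)
            for ip in extract_resolvers(text)}
```

A resolver that maps to `True` means the machine's DNS settings point at a listed range and should be investigated; a clean result says nothing about a home router whose own DNS settings were changed.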
The FBI has uncovered a network of rogue DNS servers and has taken steps to disable it. The FBI is also undertaking an effort to identify and notify victims who have been impacted by the DNSChanger malware. One consequence of disabling the rogue DNS network is that victims who rely on the rogue DNS network for DNS service could lose access to DNS services.
To address this, the FBI has worked with private sector technical experts to develop a plan for a private-sector, non-government entity to operate and maintain clean DNS servers for the infected victims. The FBI has also provided information to ISPs that can be used to redirect their users from the rogue DNS servers to the ISPs’ own legitimate servers. The FBI will support the operation of the clean DNS servers for four months, allowing time for users, businesses, and other entities to identify and fix infected computers. At no time will the FBI have access to any data concerning the Internet activity of the victims.
It is quite possible that computers infected with this malware may also be infected with other malware. The establishment of these clean DNS servers does not guarantee that the computers are safe from other malware. The main intent is to ensure users do not lose DNS services.