FBI Shutting down the Internet in July? Yes, sort of

Super Moderator
User avatar
Posts: 11672
Joined: Mon Jul 21, 2008 12:57 pm
Location: Greisen-Zatsepin-Kuzmin

PostWed Apr 25, 2012 4:00 pm » by -Marduk-


FBI Shutting down the Internet in July? Yes, sort of.


Image

There’s a story circulating that if you don’t ensure your computer is malware-free by July 9, 2012, the FBI will shut off your access to the Internet. Like most such alarmist claims, it’s only partly true, though if you’re a Windows or Mac user, you’ll want to pay attention.

The original story dates back to 2007, when a group of cyber-ne’er-do-wells launched malware dubbed “DNSChanger,” infecting millions of computers in hundreds of countries with code that allowed them to manipulate the way Internet ads appear in browsers, ultimately racking up millions in illicit fees.

How did the malware work? DNSChanger targets Windows or Mac systems (Linux, iOS and Android users are in the clear) by manipulating Domain Name Servers (DNS), which translate syntax-based URLs into IP addresses. When you type something like “www.yahoo.com” into your browser, for instance, your request hits your Internet service provider’s DNS server, which translates it into a numeric IP address. If you plug that IP address into your browser’s URL bar in lieu of the web address, barring any IP tricks, you’ll land on the exact same web page. The Internet’s underlying architecture is based on TCP/IP, in other words, not the more easily remembered words we type into our browsers.

DNSChanger fiddles with that DNS routing: Once a computer was infected, the malware redirected DNS-related requests to servers controlled by the fraud ring, which then piped web ads to users, ultimately putting millions of dollars in the cybercriminals’ pockets.

Working with Estonian officials, the FBI was able to track down the perps — six Estonian nationals were arrested for the crime last November — and seize their servers. But given the number of computers estimated infected, the FBI opted to leave the servers running, ad-neutralized, to avoid disrupting Internet functionality for those unaware their computers were compromised. And to give users more time to purge, the FBI secured a court order on March 12, 2012 that authorized the Internet Systems Consortium (ISC) — a nonprofit corporation that supports the Internet’s infrastructure — to roll out and maintain temporary “clean” DNS servers. But since these servers cost money to operate, the plan has been to shut them off on July 9, 2012. When that happens, DNS-related Internet activity on infected computers, e.g. web and email, will cease to function.

To be clear, your Internet service itself will be unaffected by the change: If your computer is infected with the DNSChanger malware, your Internet router will keep routing and any commands sent by your computer that aren’t DNS-related will still pass. The FBI isn’t shutting off Internet service to impacted machines, it’s just pulling the plug on a stopgap measure designed to bandaid the broken process currently facilitating DNS communication on infected machines.

How do you tell if you’re infected? Simple: The FBI runs a DNS checker page, where you can type your DNS info into a box to check its validity. Easier still, you can click on a link that’ll automatically check and return either a green or red background, indicating “clean” or “infected” states, respectively. Alternately, the DNS Changer Working Group (DCWG), created to help remedy the malware, maintains a page with detailed information on the malware, how to detect it and how to remove it, including a table of links to popular antivirus company remedies.

http://techland.time.com/2012/04/23/dns ... in-feature
Image
______________________________________________________________________________
-= PREDESTINATION: Itz hard to be ze good guy when you turn into a fucking gun =-

Super Moderator
User avatar
Posts: 11672
Joined: Mon Jul 21, 2008 12:57 pm
Location: Greisen-Zatsepin-Kuzmin

PostWed Apr 25, 2012 4:27 pm » by -Marduk-


You can also test to see if you are affected by visiting the following DNSChanger Check-Up sites below. If this Check-Up site indicates that you are affected by DNSChanger, then visit http://www.dcwg.org/cleanup.html for information on how to address this problem.

URL................................Language......Maintainer

http://www.dns-ok.us/ English DNS Changer Working Group (DCWG)
http://www.dns-ok.de/ German Bundeskriminalamt (BKA)
http://www.dns-ok.fi/ Finish CERT-Fi
http://www.dns-ok.ax/ Swedish CERT-Fi
http://www.dns-ok.be/ Dutch/French CERT.be
http://www.dns-ok.fr/ French CERT-LEXSI
http://www.dns-ok.ca/ English/French CIRA and CCIRC
http://www.dns-ok.lu/ English CIRCL
http://dns-ok.nl/ Dutch/English SIDN
Image
______________________________________________________________________________
-= PREDESTINATION: Itz hard to be ze good guy when you turn into a fucking gun =-

Super Moderator
User avatar
Posts: 17855
Joined: Thu Jul 22, 2010 4:20 am
Location: babysitting

PostWed Apr 25, 2012 4:35 pm » by The57ironman


....... :peep:



ok guys.....who's done it already..?
.






..... If you can't be kind, at least have the decency to be vague.......
.

Initiate
Posts: 414
Joined: Thu Apr 19, 2012 2:36 am

PostWed Apr 25, 2012 5:18 pm » by pandoras


The57ironman wrote:....... :peep:



ok guys.....who's done it already..?


I did a couple of days ago...
The funny part of this is reading GB's article on his website then reading the comments....sheesh...I thought we were paranoid!
They also give you steps to manually check yourself for a few different OS. (If you were too paranoid to click on the "detect" link.)

http://www.dcwg.org/detect/ :twisted: hehehe....

Writer
User avatar
Posts: 32
Joined: Sun Apr 15, 2012 4:08 am

PostWed Apr 25, 2012 6:11 pm » by GreySnake


no mallware for me, jippi kay yee!
Lucid dreaming is a gift of god



  • Related topics
    Replies
    Views
    Last post
Visit Disclose.tv on Facebook