FBI Shutting down the Internet in July? Yes, sort of

Super Moderator
Posts: 12213
Joined: Mon Jul 21, 2008 11:57 am
Location: The Pit

Wed Apr 25, 2012 3:00 pm » by NamelessGhoul

FBI Shutting down the Internet in July? Yes, sort of.


There’s a story circulating that if you don’t ensure your computer is malware-free by July 9, 2012, the FBI will shut off your access to the Internet. Like most such alarmist claims, it’s only partly true, though if you’re a Windows or Mac user, you’ll want to pay attention.

The original story dates back to 2007, when a group of cyber-ne’er-do-wells launched malware dubbed “DNSChanger,” infecting millions of computers in hundreds of countries with code that allowed them to manipulate the way Internet ads appear in browsers, ultimately racking up millions in illicit fees.

How did the malware work? DNSChanger targets Windows or Mac systems (Linux, iOS and Android users are in the clear) by manipulating Domain Name Servers (DNS), which translate syntax-based URLs into IP addresses. When you type something like “www.yahoo.com” into your browser, for instance, your request hits your Internet service provider’s DNS server, which translates it into a numeric IP address. If you plug that IP address into your browser’s URL bar in lieu of the web address, barring any IP tricks, you’ll land on the exact same web page. The Internet’s underlying architecture is based on TCP/IP, in other words, not the more easily remembered words we type into our browsers.

DNSChanger fiddles with that DNS routing: Once a computer was infected, the malware redirected DNS-related requests to servers controlled by the fraud ring, which then piped web ads to users, ultimately putting millions of dollars in the cybercriminals’ pockets.

Working with Estonian officials, the FBI was able to track down the perps — six Estonian nationals were arrested for the crime last November — and seize their servers. But given the number of computers estimated infected, the FBI opted to leave the servers running, ad-neutralized, to avoid disrupting Internet functionality for those unaware their computers were compromised. And to give users more time to purge, the FBI secured a court order on March 12, 2012 that authorized the Internet Systems Consortium (ISC) — a nonprofit corporation that supports the Internet’s infrastructure — to roll out and maintain temporary “clean” DNS servers. But since these servers cost money to operate, the plan has been to shut them off on July 9, 2012. When that happens, DNS-related Internet activity on infected computers, e.g. web and email, will cease to function.

To be clear, your Internet service itself will be unaffected by the change: If your computer is infected with the DNSChanger malware, your Internet router will keep routing and any commands sent by your computer that aren’t DNS-related will still pass. The FBI isn’t shutting off Internet service to impacted machines, it’s just pulling the plug on a stopgap measure designed to bandaid the broken process currently facilitating DNS communication on infected machines.

How do you tell if you’re infected? Simple: The FBI runs a DNS checker page, where you can type your DNS info into a box to check its validity. Easier still, you can click on a link that’ll automatically check and return either a green or red background, indicating “clean” or “infected” states, respectively. Alternately, the DNS Changer Working Group (DCWG), created to help remedy the malware, maintains a page with detailed information on the malware, how to detect it and how to remove it, including a table of links to popular antivirus company remedies.

http://techland.time.com/2012/04/23/dns ... in-feature

= Since Dawn Of Time The Fate Of Man Is That Of Lice =

Super Moderator
Posts: 12213
Joined: Mon Jul 21, 2008 11:57 am
Location: The Pit

Wed Apr 25, 2012 3:27 pm » by NamelessGhoul

You can also test to see if you are affected by visiting one of the DNSChanger Check-Up sites below. If the Check-Up site indicates that you are affected by DNSChanger, then visit http://www.dcwg.org/cleanup.html for information on how to address this problem.


http://www.dns-ok.us/ - English - DNS Changer Working Group (DCWG)
http://www.dns-ok.de/ - German - Bundeskriminalamt (BKA)
http://www.dns-ok.fi/ - Finnish - CERT-Fi
http://www.dns-ok.ax/ - Swedish - CERT-Fi
http://www.dns-ok.be/ - Dutch/French - CERT.be
http://www.dns-ok.fr/ - French - CERT-LEXSI
http://www.dns-ok.ca/ - English/French - CIRA and CCIRC
http://www.dns-ok.lu/ - English - CIRCL
http://dns-ok.nl/ - Dutch/English - SIDN

= Since Dawn Of Time The Fate Of Man Is That Of Lice =

Super Moderator
Posts: 21105
Joined: Thu Jul 22, 2010 3:20 am
Location: Odin's Palace

Wed Apr 25, 2012 3:35 pm » by The57ironman

....... :peep:

ok guys.....who's done it already..?
if you don't like my opinions....please lower your standards


Posts: 414
Joined: Thu Apr 19, 2012 1:36 am

Wed Apr 25, 2012 4:18 pm » by pandoras

The57ironman wrote:....... :peep:

ok guys.....who's done it already..?

I did a couple of days ago...
The funny part of this is reading GB's article on his website then reading the comments....sheesh...I thought we were paranoid!
They also give you steps to manually check yourself for a few different OS. (If you were too paranoid to click on the "detect" link.)

http://www.dcwg.org/detect/ :twisted: hehehe....

Posts: 32
Joined: Sun Apr 15, 2012 3:08 am

Wed Apr 25, 2012 5:11 pm » by GreySnake

no malware for me, jippi kay yee!
Lucid dreaming is a gift of god
