July 9th Could Be Doomsday for DNSChanger Virus Victims

Maybe it’s a reminder, maybe it’s news to you. Either way, you probably want to go ahead and check to make sure you don’t get unceremoniously booted from the Internet come July 9th.

Thousands of computers worldwide are still estimated to be infected with the DNSChanger virus, which reroutes web traffic on infected computers to DNS servers belonging to the creators of the virus, rather than the usual ISP-ran DNS servers. The FBI caught the people behind the virus last year, and set up temporary servers to replace the fake DNS servers the perpetrators were running. The FBI’s temporary servers will come down on July 9th – that means no Internet for those still infected with the virus.

Those fake DNS servers, when they were still up, would normally still route Internet traffic correctly – with some notable exceptions. The perpetrators, a group of six Estonians who ran the scheme behind a legal front called Rove Digital, would occasionally take a DNS request (say, www.chipchick.com) and send the user to the a different numerical IP address – think typing in chipchick.com, and ending up on Facebook without any idea of why you got there. The group’s actions were actually relatively benign to the end user – they made money by generating ad revenue from clicks on spoof sites, rather than resorting to stealing personal information and robbing bank accounts. If that seems like it wouldn’t be the most profitable scheme, consider that the entire operations made the perpetrators about $20 million before it all came crashing down.

But, illegal activity being illegal activity, funny business was noticed, the FBI got involved, and arrests were made. The arrests were made last year, after which the FBI took down the DNS servers and set up temporary clean ones for those still infected with the virus. Since then, many have discovered the virus and gotten rid of it – but thousands haven’t. Up until now, that hasn’t been a problem. It will be a problem on July 9th, when those temporary servers go down. Those infected with the DNSChanger virus on July 9th will have their Internet traffic routed to DNS servers that no longer exist – no DNS server, no Internet.

The number of people estimated to still have the virus is around 275,000 – odds are you aren’t one of them. Still, doing your due diligence is easy enough – you can use this Canadian site (don’t worry, it’s verified as not being a scam or virus in and of itself) to check to see whether or not you have the virus. If you’re one of the unlucky few to be infected, you can check out this site for more information on how to get rid of it.

Via CBC News