300,000 Will Lose Internet on July 9
The Federal Bureau of Investigation has warned this week that over 300,000 users around the world could face Internet loss on July 9 due to a massive scam spanning several years.
In 2011, the FBI and Estonian authorities arrested 6 locals for fraudulent activities after a 2-year sting operation dubbed Operation Ghost Click. The group was responsible for infecting computer systems globally with malware called DNS Changer. The servers used by the criminals were confiscated, but a Russian is still at large. According to Norton Medical and Scientific Research & Biotechnology, the swindlers raked in around USD 14 million from the scam involving online ads.
According to FBI estimates, up to 568,000 computer units were infected with the virus and 300,000 of them could still be unaware of the problem. The German Federal Office for Information Security and the FBI had initially planned to take the DNS servers offline by March 8, but since there were still 450,000 infections at that time, the shutdown was postponed to July 9.
What makes the virus very potent is that it can affect a wide range of computer systems, except for Linux, Android and iOS. The DNS Changer virus intercepts requests for websites made by a browser and redirects the traffic to a website operated by the cybercriminals. They earn money by pointing users to various ads online.
To date, this Trojan virus, first identified in 2007, has infected millions of computer units worldwide and remained active until the recent FBI operation. The malware, also known as «Jahlav», «Puper» and «RSPlug», has been one of the most widespread malware attacks, spanning Windows- and Mac-based units as well as network hardware.
If the FBI simply decided to pull the plug on the DNS servers, millions would instantly lose Internet access, which could have a negative impact worldwide. Even if users identified and changed their DNS settings, it would be useless, as the malware constantly reverts them, disrupting connections.
However, maintaining the web servers does not come cheap, so they are set to be shut down in July. Infected systems won't be able to connect to the Internet after that, as their settings have been altered to redirect all web traffic through the seized servers. To prevent a web blackout for the affected people, the FBI chose to keep the DNS servers running after converting them into a legal system. A surrogate server system has been created, where an informational website about the malware is hosted. The campaign to notify people of the DNS Changer virus has started.
Another solution that the FBI has not used yet is converting the seized servers to issue a DNS redirect themselves, in order to notify affected people of the problem and give them resources on how to clean their systems. That would arguably be an easier option to implement, but the agency has yet to apply it.
Fortunately for users with infected units, a solution has been presented by the FBI through its dcwg.org website, where people can check whether their computer has been infected with the malware and find instructions on how to disinfect it. The website is maintained by the DNS Changer Working Group, which is also responsible for the seized servers. As of January, Norton Medical and Scientific Research & Biotechnology said that there were still around 450,000 units infected with the DNS Changer virus.
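Because the malware works by altering a machine's DNS settings, one local check is to compare the configured resolvers against the published rogue address ranges. The following is an added example, not code from the article, the FBI or the DNS Changer Working Group; the function names are illustrative, and ROGUE_RANGES holds RFC 5737 documentation placeholders that must be replaced with the officially published ranges.

```python
import ipaddress

# ASSUMPTION: placeholder ranges (RFC 5737 documentation networks), not the
# real rogue ranges. Substitute the ranges published by the authorities.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/25")]

# Constructed sample of resolv.conf-style resolver settings.
SAMPLE_RESOLV_CONF = """\
# constructed sample
search example.test
nameserver 192.0.2.53
nameserver 198.51.100.200   # outside the /25 placeholder range
nameserver 2001:db8::53
nameserver not-an-ip
"""

def parse_nameservers(text):
    """Return (valid_addresses, malformed_entries) from resolv.conf-style text."""
    valid, malformed = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        try:
            valid.append(ipaddress.ip_address(fields[1]))
        except ValueError:
            # An unparsable resolver entry deserves a manual look as well.
            malformed.append(fields[1])
    return valid, malformed

def find_rogue_resolvers(text, rogue_ranges=ROGUE_RANGES):
    """Return configured resolvers that fall inside any rogue range."""
    valid, _ = parse_nameservers(text)
    return [str(addr) for addr in valid
            if any(addr.version == net.version and addr in net
                   for net in rogue_ranges)]

if __name__ == "__main__":
    hits = find_rogue_resolvers(SAMPLE_RESOLV_CONF)
    _, bad = parse_nameservers(SAMPLE_RESOLV_CONF)
    for ip in hits:
        print(f"resolver {ip} is inside a rogue range: settings were likely altered")
    for entry in bad:
        print(f"unparsable nameserver entry: {entry!r}")
    if not hits:
        print("no configured resolver falls inside the listed ranges")
```

Since the malware also reached network hardware and reverts changed settings, a clean result on one host does not cover the resolver handed out by the router, and a hit means the machine needs disinfecting, not only a settings change.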