DNSChanger server switch-off today could mess up your internet
9th Jul 2012 | 09:42
The FBI will switch off servers used by cyber criminals today, potentially leaving thousands of people unable to access websites.
It's all to do with domain name servers (DNS) and an ongoing battle between the FBI and a gang of Estonian cyber thieves who spread malware named DNSChanger.
At its peak, DNSChanger found its way on to around 4 million computers around the world and switched settings to make each computer look up domain names on the gang servers.
This seemingly arbitrary switch meant that users were served up adverts instead of the websites they searched for as well as allowing the crims to replace adverts on searches and other sites – every hit meant more money in the gang members' pockets.
The servers were seized by the FBI in November 2011, but left running to give the malware victims time to clean up their machine settings and connect to sites via a legit DNS instead.
Unfortunately, hundreds of thousands of machines are still using the DNSChanger servers so after the switch-off they won't be able to get to any websites (aside from cached pages).
Google, ISPs and web security firms have been working with the FBI to encourage people to check if they were infected over the past six months, but the servers will finally be shut down today (July 9).
Estimates vary, but it seems that at least 300,000 machines are still using the DNSChanger servers, although many of these may be retired machines that aren't used any more.
If you think you might be affected, the DNSChanger Working Group has a bunch of ways you can check and fix any issues - although if you're seeing this after the switch-off, you're probably fine.