DNS Changer Virus could knock you off the web in July

You may be infected with a virus that could block you from the internet. Around 350,000 computers are already infected with this malware, called “DNS Changer.” Dan Thompson with Claris Networks and Jason Graf with Sword and Shield Enterprise Security visited WBIR to give the entire scoop. If you’d rather just watch the video, skip on down to watch.

What is the virus and how does it work?

Dan: “Essentially, DNS is a technical term that references the translation that goes on behind the scene when you and I are browsing the internet. For instance, if you type www.facebook.com, DNS is the stuff that goes on behind the scenes that lets your computer know to go on the internet. So what the virus has done is to redirect all those requests to go to somewhere besides Facebook. It looks like Facebook, but it’s not. For every person that this virus directs to this fake site, the malware creators are making money. Some people make money on the internet by clicks, so they’re funneling all these people over to a site that’s making them cash.

Does this impact both Windows and Mac users?

Jason: Yes. It seems that the safety net of the Mac system has been dissolved for the first time. This virus along with another that came out recently called Flashback, affected over 650,000 Mac users. Both employ what’s called “click fraud” to solicit illegitimate clicks.”

Describe the investigative process in finding this virus and its creators.

Dan: The FBI knew what was going on with this virus a while ago, but they realized that if they yanked the carpet out from under it, tons of people would be stranded who couldn’t surf the internet anymore. What the FBI decided to do was to leave those servers in place, albeit at taxpayer dollars. Now they are stuck with a conundrum: either they leave these servers in place indefinitely (which they have decided not to), or turn it all off (which they are going to do). This will completely disable infected computers’ ability to browse the internet.

What is the target date for the shut off?

Dan: July 9^th

What will happen on July 9^th?

Dan: “If you have the virus on July 9^th when they turn those servers off, you will receive a “Page cannot be displayed” error, no matter which address you attempt to visit.

How do you know if you have the virus and will this July 9^th blackout correct the problem if you do?

Jason: Go to the website www.dcwg.org. This website will scan your computer, let you know if you’re infected with the virus, and give you tips on removing it if you do.

This malware also shuts off your antivirus software and prevents you from getting updates, which makes your computer much more susceptible to other malware.