Did you wake up this morning to a dead internet? Well, if you’re reading this from your iPad or iPhone, you need not panic, it’s not the Zombie Apocalypse or the Mayan prophecy coming true six months early. Actually, you can thank the FBI.
DNSChanger was used to redirect unsuspecting users to rogue servers controlled by the cyber thieves, allowing them to manipulate users’ web activity. – FBI’s Blog
How is the FBI at fault for Internet Doomsday? Well, largely because they kinda, sorta, but not really did their jobs. The story goes that working in concert with Interpol, the FBI arrest a gang of Estonians who had been making millions for years thanks to a virus they wrote called DNSChanger. The malware redirected the domain name servers (the yellow pages of the Internet) to their servers. That was all. But it allowed them to make a millions over a five year period, quite illegally.
I know what your saying … James, what’s the problem? The FBI did the right thing, right? Well, like I said, kinda, sorta, but not really. For if all they did was uphold the law and arrest the bad guys, that would be one thing. But then the FBI took the strange step of keeping the server up and running so that those hundreds of thousands of computers could continue to operate. Had they shut off the server right away and announced that those infected need to fix the problem, the this Internet Doomsday would’ve happened last year. But instead, they ran the same servers by proxy and today, they’re shutting them off.
So, upwards of 300,000 computer users will find that their Internet access isn’t working. But there is a fix. First, if you’re still up and running, the end may just be nigh. So head over to DNS-OK.us to see if you’ve been infected (course, if you’re internet is dead, you already know the answer). If you get all green, you’re clean and can go about your business. Nothing to see here. But if you get all RED, then you’re infected with the DNSChanger malware and are part of the problem. From there, the clock is ticking. You could get shut off at any moment. Plus if your ISP is redirecting DNS traffic for its customers, you may be infected anyway.
Call your ISP and let them know that you’re offline. They may be able to redirect your DNS traffic manually until you get things back up and running. In fact, as stated above, they may be doing it already (news reports that ISPs see little disruption at this point).
But that won’t fix your problem. If you suspect you’ve been compromised, the only real, safe thing to do is back up all your data and then format your hard drive and restore your OS from a known good source, updating until you can’t update anymore. Also, you’ll need to go into your router’s settings to make sure it’s directing it’s DNS traffic properly. Easiest way to do that is to just completely reset it (there’s usually a reset button in the back, press it for about 10 seconds), and then reapply your password. Then run a scan of your antivirus software. I’d also recommend going with an off site screener as well. You can find them at Eset.com, TrendMicro, and others.
So, if you’re reading this on mobile, KEEP CALM. Don’t panic. You have a way to get back up and running. And chances are, there’s a geek just around the corner who can help. He’ll be the guy under the age of 20.