In an unprecedented move, the FBI may cut off Internet access to millions of people on March 8th to try to rid the country of a Trojan. Millions of computers are infected worldwide—maybe even yours.
The DNSChanger Trojan originated in Estonia and might be lurking undetected on as many as a half-million computers in the United States, according to Brian Krebs. It has been found on the computers at half of all Fortune 500 companies and at 27 government agencies. The Trojan changes an infected computer’s DNS settings to send users to fraudulent websites. What’s more, the worm is particularly malicious in that it also prevents you from visiting security websites that might diagnose or fix the problem. While the men authorities suspect are behind the Trojan have been arrested, the Feds, working in concert with the Estonian government, have yet to put the final kill on the worm’s botnet.
That’s where the Internet shutdown comes in. The FBI has a court order allowing it to set up temporary replacement DNS servers so that those with infected computers or networks can get the worm off of their systems. The court order, however, expires on March 8th. Unless that order gets extended, anybody who hasn’t cleaned up their act before it expires, might get cut off from the Internet altogether.
Luckily, it turns out kicking DNSChanger is manageable—as long as you know you’ve got a problem. To learn more about checking your computer or network for the Trojan check out theDNS Changer Working Group and the FBI. [Krebs on Security via BetaBeat via Geekosystem]