On July 9th the FBI will pull the plug on temporary DNS Servers put in place by the FBI after they discovered a criminal operation that was redirecting internet traffic. Based in Estonia, these criminals used DNSChanger malware to send internet traffic to bogus sites. For example: the owner of an infected system may think that they are going to iTunes when they are really being directed to a bogus site.

Millions of computers worldwide have been infected. Somewhere around 500,000 of those are in the US. Janice Fedarcyk, FBI assistant director/New York, “describes an intricate international conspiracy conceived and carried out by sophisticated criminals.” Home computers, business and even government agencies such as NASA were infected. Also, some systems had their anti-virus software and OS updates disabled leaving them especially vulnerable.

Beginning in 2007, the cyber ring used a class of malware called DNSChanger to infect approximately 4 million computers in more than 100 countries. There were about 500,000 infections in the U.S., including computers belonging to individuals, businesses, and government agencies such as NASA. The thieves were able to manipulate Internet advertising to generate at least $14 million in illicit fees. In some cases, the malware had the additional effect of preventing users’ anti-virus software and operating systems from updating, thereby exposing infected machines to even more malicious software.

The FBI recommends having an IT professional inspect, and, where necessary, remove the malware. Available anti-virus and malware removal software will not remedy this problem.

Resources: – Press release – Statement by New York ADIC Janice Fedarcyk – Learn more about DNSChanger malware and how it can affect your computer – Check your computer’s DNS settings – Register as a victim of the DNSChanger malware