Here in SophosLabs, we have been receiving a fair number of requests from the general public asking about the supposed “internet doomsday”, said to strike on July 9th, which will leave “hundreds of thousands of internet users without internet access”.
In the immortal words of Douglas Adams: Don’t Panic
First, let’s back the train up into the station and give you a quick history on this.
Back in November 2011, the FBI seized control of a bunch of rogue DNS servers that were being used by the bad guys to redirect PCs infected with the DNS Changer malware machines to various scams with the intention of making money.
More than 350,000 computers around the world are thought to still be using the DNS servers, which have now been made harmless. But it’s US taxpayer dollars which are keeping the DNS servers up and running, and that’s not a situation that can carry on indefinitely.
The best solution is for people to fix the DNS settings on their computers.
The original plan was for the the DNS servers to be shut down on March 8th 2012, but the FBI has asked for more time, delaying the shutoff date to July 9th.
Essentially the FBI is trying to give innocent folks time to clean their machines up.
And computers should be fixed – because if the DNS servers go down, any computer relying on them for DNS name services will cease to be able to browse the web, read email or do just about anything on the internet at all.
The issue is discussed in greater detail in Sophos Chet Chat podcast 86, that was published last month. (The DNS Changer part of the podcast starts at 4’30”.):
Now a bit of good news for Sophos customers, Sophos can detect various variants of the DNS Changer malware under names such as Troj/DNSChan-A.
Furthermore, Sophos products can detect if your computer is one of the ones whose DNS settings have been meddled with – identifying them as CXmal/DNSCha-A, and help repair the damage.
And finally, if you want to see if your computer is one of those which might be affected on July 9th, you can check via the DNS Changer Working Group website (DCWG).
The FBI also has a look-up form on its site.
If you were one of the unfortunate people whose computers were hit by the DNS Changer malware, your access to the internet does not have to disappear on July 9th.
Take the right steps now to avoid a headache later.
Here’s a video where Paul Ducklin explains more:
(Enjoy this video? Check out more on the SophosLabs YouTube channel.)
Ludo game image, from ShutterStock