FBI turns off computer servers that prop up people infected with a piece of malware
The DNSChanger malware affects how computers look up Internet addresses
FBI: A "click-jacking" scam leads to the issue
Relatively few computers remain infected with the program
It’s been impossible to go online or turn on a TV Monday without seeing all the breathless chatter about the “Doomsday” for the Internet, when hundreds of thousands of people were expected to abruptly lose their connection to the world’s computer brain.
But what caused the “Malware Monday” panic, and is it really warranted?
Here’s a quick-and-dirty guide to what’s going on:
Is my computer affected?
Before we actually get into what’s happening, go to this site: http://www.dns-ok.us/.
It will tell you, with near certainty, whether your computer (or smartphone or whatever) has been compromised by the DNSChanger malware, which is the thing everyone’s talking about.
How did all of this start?
In November, the U.S. Federal Bureau of Investigation charged seven people in connection with a “massive and sophisticated Internet fraud scheme” called Operation Ghost Click.
That scam tampered with the way computers access the Web by sending Internet traffic to websites that people didn’t intend to visit. The group made money – $14 million, according to the FBI – off of fraudulent advertisements on those websites.
The FBI eventually shut down the computers that were used to reroute Internet traffic. That move would have essentially cut access to the Internet for those people who had the DNSChanger malware on their systems. So, as a backup, the FBI turned on its own computers to make sure infected machines still would have Internet access.
So, what happened on Monday?
On Monday, the FBI turned off those backup computer servers. That means machines infected with the DNSChanger malware – or that have traces of that malicious computer program left on their computers – no longer can access the Internet as expected.
How many people are affected?
About 211,000 machines – only 42,000 of them in the United States – were infected Monday, according to CNNMoney.
Maybe that sounds like a lot. But, at its peak, 4 million computers were “hijacked” by the malware, according to the FBI. That’s 19 times the number of computers currently infected.
“That’s a large number, but it’s a very small subset of the 1.6 billion PCs worldwide, of which an estimated 339 million are in the United States,” CNNMoney writes.
Education campaigns are thought to have accounted for the difference. Google, Facebook and the U.S. government have created tools to help people notice if their machines have the DNSChanger malware.
What should you do if you’re infected?
Go to this website and follow the steps listed (assuming you can access it): http://www.dcwg.org/fix/
Or contact your Internet service providers and seek help. Tell them you believe that your computer has been infected with the DNSChanger malware.
To prevent future infections, it’s important to install updates to your machine. Professionals also recommend anti-virus software that can detect infections.