The Federal Bureau of Investigation may soon be forced to shut down a number of key Domain Name System (DNS) servers, which would cut Internet access for millions of Web users around the world, reports BetaBeat. The DNS servers were installed by the FBI last year, in an effort to stop the spread of a piece of malware known as DNSChanger Trojan. But the court order that allowed the set up of the replacement servers expires on March 8.
In November of last year, authorities arrested six men in Estonia for the creation and spread of DNSChanger, which reconfigures infected computers’ Internet settings, and re-routes users to websites that contain malware, or other illegal sites. DNSChanger also blocks access to websites that might offer solutions for how to rid the computer of its worm, and often comes bundled with other types of malicious software.
By the time the FBI stepped in, DNSChanger had taken over computers in more than 100 countries, including half-a-million computers in the US alone. To help eradicate the widespread malware, the FBI replaced infected servers with new, clean servers, which gave companies and individuals with infected computers time to clean DNSChanger off their machines.
Unfortunately, DNSChanger is still running on computers “at half of the Fortune 500 companies,” and at “27 out of 55 major government entities,” reports cybersecurity journalist Brian Krebs. These computers rely on the FBI-installed DNS servers to access the Web. But if the court order is not extended, the FBI will be legally required to remove the clean servers, which would cut off the Internet for users still infected with DNSChanger.
Companies or other agencies that are unsure whether their systems are infected with DNSChanger can get free assistance here. And private users can find out if they are infected using instructions provided here.
[Image via Maxim Tupikov/Shutterstock]
- From pranks to nuclear sabotage, this is the history of malware
- Cryptojacking is the new ransomware. Is that a good thing?
- Cloudflare wants to make your internet faster and more secure with 184.108.40.206
- Windows Defender thwarts major malware attack directed mostly at Russian users
- Hackers modify ransomware to deliver a Coinhive cryptocurrency-mining payload