U.S. government officials have asked a federal judge in New York to extend a looming deadline that could knock as many as half a million computers infected with the 'DNSChanger' Trojan offline on March 8.
The March deadline was set following last November's "Operation Ghost Click, " an FBI bust of an Estonian cybercrime gang responsible for infecting at least 500,000 computers in the U.S. with DNSChanger, a Trojan that netted the crooks $14 million by enabling them to reroute Web traffic to rigged sites and collect the advertising revenue.
Following the bust, the FBI set up temporary surrogate servers to keep infected systems, including many in government agencies and Fortune 500 companies, online. The original court order from Nov. 3 establishing the temporary servers gave the FBI only until March 8 to operate them.
[FBI May Block Your Internet Access Beginning March 8]
In his Feb. 17 request to Judge Lewis A. Kaplan, Preet Bharara, U.S. Attorney for the Southern District of New York, asked the court to extend the March 8 disconnection deadline by another 120 days, to July 9.
The Internet Systems Consortium (ISC) would be responsible for operating the replacement DNS servers. The ISC, the court filing explains, would submit reports on or before May 22 and July 23 estimating the number of victims still infected with DNSChanger.
Many security professionals have argued that extending the March 8 cutoff would be a mistake, since it would just reward IT departments that haven't cleaned up the infections.
In an informal poll on his Krebs on Security blog, noted cybersecurity researcher and reporter Brian Krebs found that an overwhelming majority of respondents said sticking with the March 8 deadline and forcing computer users to clean up their systems was the best approach.
To find out whether you've been hit by DNSChanger, click here. If you see red, you've got a problem. The first thing to do will be to change your DNS settings to trusted servers, such as Google's public DNS servers. Click here to do so.
The second thing will be to update and run strong anti-virus software that will clean out your machine. You'll probably have to pay for it. Here's a list of some recommendations.