April 26, 2012 at 1:36 PM ET
July 9 might be "Internet doomsday" for PC and Mac users who haven't taken steps to make sure their systems are not infected with what's being called DNSChanger malware.
That's right: Your Internet connection may not work that day because the safety net now in place from the FBI against the malware will be removed then, and if your computer is infected, you won't be able to get to the Internet.
Let's back up a minute to give you some quick background. Last fall, the FBI arrested six Estonian nationals who were charged with using malware and rogue DNS servers to hijack millions of computers worldwide.
At that time, Trend Micro's Feike Hacquebord called it the "biggest cybercriminal takedown in history." The company was one of several that worked with the FBI on the takedown, and described the scheme:
A variety of methods of monetizing the DNSChanger botnet [are] being used by criminals, including replacing advertisements on websites that are loaded by victims, hijacking of search results and pushing additional malware.
Because the malware is so nasty — it's strong enough to wipe out a computer's anti-virus software — the FBI set up a safety net using government computers to prevent any Internet disruptions for users whose computers may be infected.
That safety net was set to go away in February, but the date has been extended to July 9 because the agency is concerned that not enough users are aware of the problem.
Says the FBI:
To assist victims affected by the DNSChanger malicious software, the FBI obtained a court order authorizing the Internet Systems Consortium (ISC) to deploy and maintain temporary clean DNS servers. This solution is temporary, providing additional time for victims to clean affected computers and restore their normal DNS settings. The clean DNS servers will be turned off on July 9, 2012, and computers still impacted by DNSChanger may lose Internet connectivity at that time.
So, what do you need to do? Make sure your computer is clean. You can do that first, by visiting this FBI-backed website, DNS-OK, which will tell you whether your computer is infected with DNSChanger malware.
The FBI says that if you see green, that's good. Red means you're infected. Still, the bureau notes, some systems that appear to be clean may appear that way because of their service provider: "If your ISP is redirecting DNS traffic for its customers, you would have reached this site even though you are infected."
So the next step, definitely if you're "red," but even a good idea if you're "green," is to go to this site, run by the DNS Changer Working Group. The DNS Changer Working Group will detect whether your computer has been "violated," and if so, will point you to the right fix for your computer.
The sooner you do this, the better. You don't want to wait until July 9 to chance an "Internet doomsday" happening.