All those computer users whose Internet access was about to be cut off by the FBI can breathe a bit easier.
Late yesterday (March 5), federal Judge Denise Cote granted the federal government another 120 days to keep running several Domain Name System servers that were keeping hundreds of thousands, and possibly millions, of infected computers online.
The servers had been due to be shut off this coming Thursday, March 8, after the previous 120-day mandate given in the original protective order had run out. The new deadline is July 9.
On Nov. 8 of last year, Estonian authorities busted a low-key cybercrime ring that had used a variety of malware, collectively called "DNSChanger," to infect approximately 4 million PCs, Macs and network routers worldwide and redirect those machines' Web traffic to bogus websites controlled by the gang.
As far as online crime goes, the Estonians were strictly white-collar. They made a small amount of money each time one of the unsuspecting users clicked an ad on one of their sites. Still, the gang made about $14 million in nearly five years.
But a side effect of the scheme was that all Internet queries from the infected machines had to be routed through servers controlled by the gang, most of which were located in the United States.
So after the arrests in November, the FBI was faced with a dilemma: Unplug those servers and cut off millions from the Internet, or keep the servers, or facsimiles of them, running so that millions of innocent users stay online?
Justice Department officials chose the latter option, and figured 120 days would be enough time for the infected machines to be cleaned up.
They were wrong. It's not really clear just how many machines are still infected, but security blogger Brian Krebs cited as many as 3 million worldwide a month ago.
The argument could be made that if only a quarter of the infected machines have been disinfected in the past four months, we'll be well into 2013 before they are all sanitized. Hence, some security experts feel that renewing the protective order would just be kicking the can down the road.
To find out whether your computer or network router is infected with DNSChanger malware, click here. If you are infected, make sure you've got a serious anti-virus security suite, update it and run a full system scan. If that doesn't work, contact a computer professional.