DNSChanger Doomsday Malware Monday: All You Need to Know to Avoid Internet Blackout


Get ready for the “Doomsday” that everyone’s been talking about. On Monday, computers infected with a piece of malware called DNSChanger will no longer be able to access the internet. This malware affects an estimated 64,000 computers in America, out of a total of 300,000 worldwide.

For those of you worried about cyber terrorism, have no fear: Monday’s Internet shutdown is not a planned attack on infected computers by cyber criminals. Instead, it’s just the end of the FBI’s support of the computers that have already been infected with this malware.

For the past 5 years, 6 Estonian cyber criminals have been working to spread the malware to roughly 4 million computers. In November 2011, the FBI arrested them and seized control of their servers. With the help of the Internet Systems Consortium, they set up temporary servers to keep infected users online while they underwent the process of removing the malware from their computers. If you’ve been infected, you’ve only been able to access the websites you’ve searched for because the FBI has been directing you there. On Monday, the FBI will be shutting down these temporary servers.

DNSChanger operates by redirecting traffic from internet searches to rogue servers, often with advertisements that pay per click. This so-called “click hijacking” earned the hackers an estimated $14 million, while the malware also prevented computer users from downloading antivirus software to scan their computers.

The FBI had originally planned to turn off the servers in March, but with 70,000 infected users still remaining in America and 304,000 worldwide they extended the grace period for a few more months to allow as many users as possible to clear their computers.

If you’re not sure whether your computer will survive “Doomsday,” you can follow the FBI’s step by step plan to check your computer for the DNSChanger malware. Chances are that if you have it you’ve already been alerted, though: companies OpenDNS and CloudFlare have put out a message alert system to warn computers that may have the malware, which you may have seen in your browser window. DCWG, the DNSChanger Working Group, has also created a website that allows you to easily check your computer, as well as instructions on what to do if your computer is infected.

Even if your computer goes offline tomorrow, you should still be able to contact your Internet Service Provider for instructions on removing the malware and restoring your Internet access. The worst-case scenario for “doomsday” is a temporary annoyance and a chance to read a book. The question is, then, why are we all so worried about this?

Besides our utter dependence on Facebook and GMail, perhaps the idea of Doomsday so frightens us because it feels like the beginning of a new age of cyber crime in which Macs and PC’s are equally vulnerable and the stakes will only grow higher with each new technology. Maybe it’s not this Doomsday that scares us, but the next virus or malware that could already be primed to attack.