In November 2011, the Federal Bureau of Investigation took over a series of DNS servers that had been used by cyber-criminals to redirect users' traffic to potentially risky locations they control. However, as disruption of the DNS system has a huge impact on the way PCs communicate over the Internet, the Bureau substituted the rogue DNS servers with valid ones to keep resolving internet names.
This will end on July 9, when the substitute servers will be taken offline, making communication nearly impossible for the average user if their DNS settings were tampered with. After July 9th, any computer using these rogue DNS servers will be unable to resolve domain names. The FBI says about 500,000 computers are infected, based on the number of PCs connected to the servers they seized alone. The total number of affected users could run much higher.
To restore the computer to a functioning state, Bitdefender has developed a free tool that assesses the status of the DNS settings and prompts the user when rogue DNS settings are found. Please read through this document to see how to restore your system settings to normal and ensure permanent connectivity after July 9th.
What exactly is the role of DNS?
Computers and other devices connect to the network using what are called IP addresses – series of numbers that identify them. For instance, the bitdefender.com website has an IP address of 50.97.236.19. Since IP addresses are difficult for humans to remember, the DNS (Domain Name System) acts like a phone directory: if you know who to call, you only need to look up the person's name and the phone brings up the number. Similarly, the DNS server converts domain names into IP addresses.
If the DNS system is tampered with, chances are that the IP address of your favorite e-banking website, e-mail service or social network will lead you to a web page that is actually controlled by the attacker. This way, any data you pass to the website (including authentication information) lands in the wrong hands without you even realizing it.
What will happen on July 9th?
On July 9th, the FBI will shut down these temporary name servers. Without DNS servers to convert domain names to addresses, computers will be unable to function properly. You will still be able to browse the web by entering IP addresses instead of URLs in the browser, but this is not only inconvenient; it may also not work in some circumstances.
How can I fix things up and avoid disruption?
First and foremost, you need to identify whether your DNS settings have been replaced with rogue DNS entries. Please download and run the DNS Changer Detector. If the tool reports that your system is clean, you have nothing to worry about. If it shows signs of subversion, follow these steps to fix your PC.
The DNS Changer Checker is available courtesy of Bogdan Timofte, Malware Researcher at Bitdefender.