Malware threat: computers may lose internet on July 9

Tens of thousands of computer users around the world infected with malware last year may lose their Internet access on Monday with the expiration of a fix by US authorities, security experts say.

The problem stems from malware known as DNS Changer, which was created by cybercriminals to redirect Internet traffic by hijacking the domain name systems of Web browsers.

The ring behind the DNS Changer virus, discovered in 2007, was shut down last year by the US Federal Bureau of Investigation (FBI), Estonian police and other law enforcement agencies.

Because the virus controlled so much Web traffic, authorities obtained a court order to allow the FBI to operate replacement servers which allow traffic to flow normally, even from infected computers.

So how to tell if you’re computer is infected and how to fix it ? Here are few must-take steps. For details you can click here. The DCWG or DNS Changer Working Group is working to ensure that those who were infected don’t lose access to the Internet on Monday.

On Monday the Internet may go dark for tens of thousands of computer users here in the US. That’s because several years ago hackers sent out a debilitating virus that affected several thousand users worldwide. CNET’s Kara Tsuboi reports on how the DNSChanger malware works and what you can do to protect your computer.

[jwplayer config="My Player" file="https://www.youtube.com/watch?v=oNO5Rm4ASiI"]

So how can you check if your computer is infected?

For Windows 7 users, there are few simple steps they can follow:

• Go to the “Start” icon and type cmd, which is the DOS Command prompt.

• Type ipconfig /allcompartments /all and hit enter. In some cases ipconfig /all should also work, but might not list all the routing compartments if you have a VPN setup in Windows 7.

This undated handout image provided by The DNS Changer Working Group (DCWG) shows the webpage resulting from not having the DNS malware. AP

• The output will be very long, since Windows7 by default has support for IPv6. Look for the IPv4 information under the section entitled Ethernet adapter. Check out DNS Servers line, and write down these numbers. There may be two IP addresses listed there.

• The DCWG site has a list of infected DNS numbers on their site at this page. If they match up then, it means your computer has been infected. If not, then you needn’t take any steps as you won’t be affected by DNS change servers shutting down.

According to the paper, if you are infected with the virus, then you’ve got a longer, but not impossible, process ahead of you.

The DNS Changer Working Group (DCWG) said that those infected with the virus should first back up any important files.
One can do that fairly easily with an external hard drive or even a thumb drive.

The group also recommends people to use multiple tools to make sure they have a wider net of virus definitions to choose from.

Scanning the computer regularly for viruses is a good idea to make sure that virus definitions are up-to-date, the group said