Is the July 9 Virus a Threat to Your Computer?
By Virginia DeBolt on May 01, 2012
BlogHer Original Post
The reports about the July 9 virus, which affects both Windows and Mac, are calling it "Internet Doomsday" and Internet Blackout. A virus that could shut down thousands of Internet users certainly should make headlines. More important news is there is a way to check your computer to see if you are at risk.
Image from DNS Changer test site
The malware that could do all the damage is called "DNS Changer." DNS stands for Domain Name Service. It's the system for how the Internet keeps track of where servers and files are located. According to a report on Mashable, this malware . . .
redirects your computer’s DNS queries from your ISP’s server to one created by the trojan’s creators — essentially hijacking all Internet traffic from your machine. That way, the bad guys can send you to hacker-created websites filled with ads whenever they want.
The FBI Works with DCWG on Fixes
The FBI has set up a web site with security firm DCWG to help to determine whether your computer is at risk. There's a description of what lead up to the situation and what the malware does:
The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.
Under a court order, expiring July 9, the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.
The DCWG site includes options for you to detect the malware on your computer, fix it if you are infected, and protect yourself from further infection with the DNS Changer.
You may also be able to find helpful information from your own internet service provided. I use Comcast for my Internet service, and found this page for Comcast users.
Both the DCWG site and the Comcast help page send you to dns-ok.us which runs a check to see if your computer is okay. This page is for English results. If you are not in the U.S., you can find a list of similar sites for other languages at DCWG/detect.
All the test involves is for you to click on the link. You don't download anything.
Should your computer fail this quick detection test, there are instructions on what to do next. If you are okay, you see a cheerful green background with a message that you are okay. If you see a red background, you are given information about a fix. Be aware of the message below the fold on the page, however, even if you get the happy green okay message:
Had your computer been infected with DNS changer malware you would have seen a red background. Please note, however, that if your ISP is redirecting DNS traffic for its customers you would have reached this site even though you are infected. For additional information regarding the DNS changer malware, please visit the FBI's website at: www.fbi.gov/news/stories/2011/november/malware_110911.
Run the test, make sure you're computer is safe. If not, use the instructions at DCWG to fix it. As the lady so eloquently said, "Check yourself before you wreck yourself."