When the user try to access certain websites, the rogue DNS servers will direct the Web traffic through other servers controlled by online criminals. One of the gain that these criminals get, would be fees from Affiliate and Referral links by diverting users through the Malicious sites. They can also manipulate your web activities!
If you find yourself landing on strange sites unexpectedly, or have difficulty gaining access to your work VPN (Virtual Private Network), you might want to scan your system or take certain measures to check if your system is affected.
If the image appears with a GREEN Background or a Green Tick or Banner, then your IP address could be safe.
If it appears RED, then you might want to find out how to Fix your system here, or seek Professional Help IMMEDIATELY!
Why 9th July?
Since 2007, the cyber criminals launched the DNSCHANGER Malware to infect the millions (billions?) of computers. You can see a list of systems affected, sorted by countries here.
The FBI have been watching this issue closely. In November 2011, in “Operation Ghost Click“, the FBI, together with the NASA-OIG and the Estonian Officials, they tracked down six Estonian nationals. These cyber criminals operated under the company name Rove Digital, and distributed Malwares (DNSChanger, TDSS, Alureon, TidServ and TDL4 viruses) that changes infected systems’ DNS.
Their servers were seized by the FBI, but because of the massive numbers of systems affected, these servers were cleaned up and left running, to avoid Internet disruption for those who are unaware that their system have been affected.
You can read about the News Release from FBI here.
On 12th March 2012, the FBI obtained a Court Order to authorise the Internet Systems Consortium (ISC), a non-profit organisation that supports the Internet’s Infrastructure, to maintain, replace and clean up servers.
The Court Order expires on 9th July 2012, and also due to cost of operating these servers, the plan would be to shut down these servers on 9th July 2012, thus systems that are still affected, will lose their internet access and any other activites related to the Internet, ie. email, web browsing, etc.
Please check and scan your system now, and remember:
PREVENTION IS BETTER THAN CURE!!
Further Readings :
- How To Detect If You Are Infected?
- How To Fix If You Are Infected?
- How To Protect Your System
- Top DNS Changer Infections by Country