November 2011 the FBI seized a series of servers used by a criminal ring to divert searches to paid advertisements. The gang infected over 4 million computers worldwide with Malware, known as the DNS Changer.
When unaffected users perform a search for a website either in their address bar or by using a search engine, their PC will look up the domain name and convert the letters into numbers. Each website has a DNS which computers read just as we read letters. For example if you typed http://nbc.com into your address bar, your PC would perform a DNS look up and find the correct address and then forward you to the appropriate website.
However those who have been infected will have their DNS look up performed by the gang’s servers and be redirected to paid advertisements. It is estimated that the criminals have pulled in over 14 million dollars from the scam.
The FBI have given a grace period before shutting down the seized servers in an attempt to allow most affect users to rid their PC’s of the malware. They have been working with many Internet service providers and security firms to help spread the word. However today there is still over 300,000 users that are infected and may lose internet access come July 9 2012. Most users effected are located in the United States, UK, Germany, India and Italy.
We recommend using McAfee’s online tool to check if you are free from the DNS changer malware. If you are affected come July 9 2012 your PC will no longer have a means to lookup DNS and may render your internet useless.