There is a worldwide attack expected on the internet this month by the FBI in the United States. It has to do with DNS and redirecting your computer.  Over 500,000 computers are believed to be infected at this time.

You can read about it here:

http://www.dailymail.co.uk/news/article-2133134/Hundreds-thousands-lose-access-internet-July-result-hackers-advertising-scam.html

You can check your computer here:

http://www.dcwg.org/detect/

You can also go to the FBI's site

www.FBI.gov

They have a link on the front page that goes to info on what it is and how to check your computer's DNS settings yourself.

DNS Resolution = GREEN
Your computer appears to be looking up IP addresses correctly! Had your computer been infected with DNS changer malware you would have seen a red background.  Please note, however, that if your ISP is redirecting DNS traffic for its customers you would have reached this site even though you are infected.  For additional information regarding the DNS changer malware, please visit the FBI's website at: http://www.fbi.gov/news/stories/2011/november/malware_110911

The note makes me wonder if this "check" actually works.

I’m not sure how well that test works.  The one thing that really makes me nervous about it is that the FBI has never reacted this fast or to this extent before (at least that I have noticed). They say that when they take down the Mal-Servers everyone that is infected will lose their internet connection.

Yeah, personally, I'd check myself.

Here is the pdf on the FBI's website explaining how to do it - bringing up a command window takes but a few seconds and then you can feel sure you're ok.

Also, be sure to check what they say about routers on this page

http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

Thanks Alisa, I am going to give that a try right now.

You're welcome!

Quote - I’m not sure how well that test works.  The one thing that really makes me nervous about it is that the FBI has never reacted this fast or to this extent before (at least that I have noticed). They say that when they take down the Mal-Servers everyone that is infected will lose their internet connection.

I read it to be just the opposite - they took 2 years to bring down the gang and they will be replacing the mal-servers, but the replacements will not undo any damage already done.

Quote - Also, be sure to check what they say about routers on this page  

http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

Following those instructions, mine seems to be fine. :)

By the FBI's own figures, an estimated 60,000 computers in the US are infected. This ia a relatively miniscule number for such a severe reaction.

The original release is dated 11/9/11 and the article contains an update from 3/12/12 that reads:

Quote - Update on March 12, 2012: To assist victims affected by the DNSChanger malicious software, the FBI obtained a court order authorizing the Internet Systems Consortium (ISC) to deploy and maintain temporary clean DNS servers. This solution is temporary, providing additional time for victims to clean affected computers and restore their normal DNS settings. The clean DNS servers will be turned off on July 9, 2012, and computers still impacted by DNSChanger may lose Internet connectivity at that time.

Since the temp servers are going to be shut off this Monday, best to check before it is too late. :)

nobodyinparticular, I was thinking the same thing. Really big reaction for it. That makes me wonder if we are getting the whole story. I just feel sorry for the people that are infected and don't know it. Once those servers go down, it will be a real pain in the (you know what) to fix an infected system.

Gremalkyn, thanks for the info. I had to go into my router to make sure because I use a wireless access point in my home network.  All came out well.

Google have launched an initiative to address the issue apparently... which, given their coverage, should help some I'd hope:

http://nakedsecurity.sophos.com/2012/05/23/google-malware/

I understand that the major anti-virus vendors have already taken steps to address the issue through their products.

The moral is, I guess, make sure you're running a reputable anti-virus product on your system... and that you're subscribed to your AV and operating system security updates?

I'm not sure exactly why it's not possible for the authorities to seize the IP addresses from RIPE etc. and re-route them to legitimate DNS services, in advance of the seized malignant DNS servers being taken offline... but it sounds like it isn't... or maybe that's what they did do and they just can't sustain running the workaround?

EDIT: Yeah... no, they just kept the botnet command and control system running for a few months...

http://www.theregister.co.uk/2012/07/05/dnschanger_botnet_shutdown/

I fail to see what the conspiracy theorizing is about.  Instead of having half a million infected PCs lose their internet connections back in March, the FBI arranged for temporary clean DNS servers to be put in place to allow affected users more time to disinfect their machines.  The FBI isn't attacking anything, just shutting down the TEMPORARY servers that were put in place 4 months ago.  Should they have shut things down 4 months ago?  Or should they have allowed the criminals to keep their botnet in place?  Speaking for myself, I'd rather lose my connection than have my internet communications hijacked by criminals.

True mishamcm. I'm very glad they took action. I just hope everyone is paying attention and gets their systems cleaned up before they lose their connections.

Quote - I fail to see what the conspiracy theorizing is about.  Instead of having half a million infected PCs lose their internet connections back in March, the FBI arranged for temporary clean DNS servers to be put in place to allow affected users more time to disinfect their machines.  The FBI isn't attacking anything, just shutting down the TEMPORARY servers that were put in place 4 months ago.  Should they have shut things down 4 months ago?  Or should they have allowed the criminals to keep their botnet in place?  Speaking for myself, I'd rather lose my connection than have my internet communications hijacked by criminals.

This is the correct version of what is happening, and not what the OP is saying.

Meanwhile, do check if your IP for your computer(s) and for your routers are showing the tainted addresses or not.

Oh, dear - I didn't even notice the original message said that the threat was being caused by the FBI.  Apologies - it's been a crazy day, and I do completely know that this is something the FBI STOPPED but that could cause internet connectivity loss if you have one of the affected DNS servers listed on your computer.  Which is why I put up the link to the FBI's site where they explain the whole thing.

Sorry guys, that was poorly worded. I did not mean to say it was caused by the FBI. I meant they were helping to fix the problem.  My bad.

I have worked as a consultant with government contractors for the last 15 years all over the world with security measures and other issues, including US Embassies. The FBI has always done a great job.

I talked to two different people this morning who cleared their computers. One in Hawaii and one in Arizona. Please check your systems.

Yeah, I sometimes read with autoedit on and saw the sentence as:

The FBI expects a worldwide attack on the internet this month. So I saw nothing wrong with it.

Re-reading does give a bit of a chuckle. The passive can be deadly. I know it was unintentional. :)

Yes, really sorry about that. I was on the phone while I was typing and it did not come out the way I intended. We are just trying to get it out in as many places as possible before they take down the good-guy servers.

ok lets have the death penalty for creating computer virus's that eway no one will risk making one, no probation, no second chances, a deliberate attack on others kill the mthr fkr

oh and how does the fbi know there is going to be an attack like this?

sometimes I wonder if they are actullay doing it to knock out certain types of activity.

lets get this corrected.

there is NO attack on the internet. the thread title is WRONG

what happened is simple. the FBI were able to bust a malware ring and take over the servers that controlled the malware. they then ran the servers to allow those affected to fix their systems.

they end this soon. hence if you have not corrected the problem, you will be offline.

no attack involved. at all.

Tucan-Tiki:  "ok lets have the death penalty for creating computer virus's that eway no one will risk making one, no probation, no second chances, a deliberate attack on others kill the ... etc etc"

While the normal argument against the death penalty considers the first innocent death; I'm led to wonder at the world-view that everyone on the planet fears death.

Quote - Tucan-Tiki:  "ok lets have the death penalty for creating computer virus's that eway no one will risk making one, no probation, no second chances, a deliberate attack on others kill the ... etc etc"

While the normal argument against the death penalty considers the first innocent death; I'm led to wonder at the world-view that everyone on the planet fears death.

Indeed. Tyrannies have fallen precisely because the point at which you fear execution for mere accusation of any number of random and relatively minor offenses is the point at which the cost of rebellion is no longer too high to consider.

I think people are panicking for no reason!  They say 1/4 of a million, that's 250,000 computers on the internet out of all of the computers on the internet.  You have a better chance of winning the lottery than you do of having been infected by this DNS Charger thingy.

Quote - I think people are panicking for no reason!  They say 1/4 of a million, that's 250,000 computers on the internet out of all of the computers on the internet.  You have a better chance of winning the lottery than you do of having been infected by this DNS Charger thingy.

Yup, the numbers involved are pretty trivial, proportionally... and, I'd hazard a guess, that chances are those numbers are slightly exagerrated anyway.

This reminds me of the y2k bug. The news medias had everyone convinced that the world as we know it would end and we would be thrown into another dark ages. Yes some people will be affected. Yes it doesn't hurt to check. But life will go on for most just as it has for the last several months.

If we were ruled by the Sith, there would be a government site to "check for a virus" that actually distributes a virus. Fortunately we aren't ruled by the Sith.

I guess I don't see it as an issue of panic, just taking a precaution

Post here if you have no internet access!
:cursing:

i'm sending this through a medium........is there anybody there???????????

Quote - i'm sending this through a medium........is there anybody there???????????

My computer is okay... but is it possible to contract this DNSChanger malware yourself?

My brain keeps getting diverted... and this morning it just isn't working at all.

Oh wait... it's just Monday.

Quote - i'm sending this through a medium........is there anybody there???????????

My Ouija board is working fine.

It's all a conspriacy being run by sith kittys flying around in black helicopters. They are preparing us for when cats rule the world...

Quote - It's all a conspriacy being run by sith kittys flying around in black helicopters. They are preparing us for when cats rule the world...

I should've known... all along my dog's been trying to warn me about this!

Another media story to scare the public.  Should have known everything would be all right. 

i figured it out that way but it's crass of me to say that now

so here's crass

but it's their job to report it.  i hear about it on fox which some in my family have on all day.  it was carmaggedon to them, the internet will shut down.  panic and doom is their jerry springeresque bread and butter.

what cracks me up the most about this kind of stuff is it always seems to escape people that we can repair things when they break. having said that i did make sure my devices were up to date.  spyware and malware is the antivirus world's responsibility right?

the sky is always falling, to justify extreme behavior

o yeah and i wouldn't rule out the sith thing

Quote - o yeah and i wouldn't rule out the sith thing

This is not the explanation you're looking for.

It's sunspots.

Ok, where's me tinfoil hat?

Attached Link: ISPs step in to supply DNSChanger safety net

This is, in fact, what's been happening (although no seizure was involved, just ISPs doing their job). The number of infected users has also been dropping, presumably as awareness of the trojan spreads.

Quote - Another media story to scare the public.  Should have known everything would be all right. 

actually it wasn't. there was a few pages in the tech blogs - months ago - and if you look, the original posted link was from April...

considering the lack of hysteria in the media... I'd hardly call it a scare, would you?