On July 9th, hundreds of thousands of people around the globe may find that they can no longer access web sites without knowing the exact numeric address. So they won’t be able to go to Google.com. Instead they’ll have to go to 220.127.116.11, which can make getting around the web pretty difficult.
Who will be affected?
Around 300,000 computers around the globe are still part of a botnet called DNSChanger. The botnet altered DNS server settings on the infected computers to conduct click-fraud schemes. Last year the FBI and Estonian authorities arrested the gang behind DNSChanger. Since then, US Courts have authorized running “clean” servers for infected IP addresses. And those servers are set to be turned off on July 9th.
Am I infected?
Probably not. But go to http://www.dcwg.org/detect/ and find out now.
See, we told you that you probably weren’t infected.
On the odd chance you are, you can use our free tool to reset your settings. You should do this now even though the courts are likely to extend the servers for a bit longer. Why now? If you’re infected your computer is a “zombie” and vulnerable to new infections. And these new infections won’t be run by a court in the United States.
For more about DNSChanger visit the F-Secure Labs blog.
[CC image by Brad Montgomery]
Are we still calling this outbreak Petya? Yes. Microsoft Defender detected it as "Petya.A". "We…
June 28, 2017