About a quarter-million computer users around the world are at risk of losing Internet access on Monday because of malicious software at the heart of a hacking scam that US authorities shut down last November.
The software found its way into thousands of computers worldwide last year. It redirect users away from trusted websites, towards spoof websites in a bid to steal financial and personal information. When the attack was noticed, the FBI routed infected machines through its server to stop the attacks.
But the servers will be taken down 9 July. When this happens, computers still infected are likely to lose their internet connection without warning. Warnings about the problem have been splashed across Facebook and Google, and the FBI has set up a special website.
So how to tell if you’re computer is infected and how to fix it ? Here are few must-take steps. For details you can click here. The DCWG or DNS Changer Working Group is working to ensure that those who were infected don’t lose access to the Internet on Monday.
So how can you check if your computer is infected? For Windows 7 users, there are few simple steps they can follow:
• Go to the “Start” icon and type cmd, which is the DOS Command prompt.
• Type ipconfig /allcompartments /all and hit enter. In some cases ipconfig /all should also work, but might not list all the routing compartments if you have a VPN setup in Windows 7.
• The output will be very long, since Windows7 by default has support for IPv6. Look for the IPv4 information under the section entitled Ethernet adapter. Check out DNS Servers line, and write down these numbers. There may be two IP addresses listed there.
• The DCWG site has a list of infected DNS numbers on their site at this page. If they match up then, it means your computer has been infected. If not, then you needn’t take any steps as you won’t be affected by DNS change servers shutting down.
What to do in case you computer is infected?
• The DCWG site recommends that you make a back up of all your important files.
• The site has a list of “self help” malware clean up guides which will remove the malware. For more links you can click here.
The DCWG site warns that Changing DNS is only one of the functions of the malware kits. The malware could have been used for capturing keystrokes or acting as a proxy for traffic to sensitive sites like bank accounts or social media. It would be a good idea to check your bank statements and credit reports as well as change passwords on any online accounts especially saved passwords from your applications or web browsers.