The lingering effects of an online advertising scam are affecting hundreds of thousands of Internet users -- and the FBI’s final fix for the problem may leave them without Internet access.
The problem began when international hackers ran an online advertising scam to take control of infected computers around the world. The FBI set up a safety net months ago using government computers, but that system will shut down July 9. At that point, infected users won’t be able to connect to the Internet.
LONG ARM OF SCOFFLAW: An online ad scam is having some unintended ramifications: The fix may prevent as many as 360,000 from getting online. Several sites will show if you're infected:
DNS Changer Working Group: can discern whether you’re infected and explain how to fix the problem.
DNSChanger Eye Chart: if the site goes red, you’re in harm’s way. Green means clean.
The FBI website: type in the IP address of your DNS server to find out if it is infected.
"We started to realize that we might have a little bit of a problem on our hands because ... if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service," said Tom Grasso, an FBI supervisory special agent. "The average user would open up Internet Explorer and get `page not found' and think the Internet is broken."
The FBI touts the DNS Changer Working Group’s website, which can discern whether you’re infected and explain how to fix the problem. But there are other ways.
Testing for the presence of the malware is easy. Because it redirects your web traffic from “good” to “bad” sites, a simple test at the DNSChanger Eye Chart can readily discern where it sends you. If the site goes red, you’re in harm’s way. Green means clean.
The FBI also has a lookup form on its website, PCMag.com reports. The user can type in the IP address of the DNS server configured on the machine to find out if it is one of the malicious ones identified by law enforcement authorities.
And Kaspersky Lab offers TDSSKiller, a rootkit removal tool, which can also detect DNSChanger and remove it from infected systems, PCMag.com reported.
The Associated Press contributed to this report.