Sunday, July 8, 2012

Last Call To Check For DNSChanger malware

This truly is the last call to check your computer for DNSChanger malware and clean it up (if you're computer is infected) so you can still access the Internet after today. DNSChanger has been in the tech news for a couple of years, but since April 2012 there's been a massive public information campaign, with social media posts and mainstream news everywhere. Google is warning users of DNSChanger infections, and even Comcast is attempting to contact their users whose computers are infected (it's easy for a cable provider to match users with IPs, since cable Internet users typically have the same IP for a very long time, verses an IP change daily from DSL). The reason the media blitz is continuing, right up until the final day, is because hundreds of thousands of users are IGNORING the warnings.

You should not only know what DNSChanger is, but you should be sick of hearing about it by now. Sadly I still get asked about it, as recently as late June...what it is, and if "all those people will really lose their Internet connection in July." Average users are reading the headlines....but nothing more.

I see some in the tech industry getting frustrated over people not paying attention to such a massive media campaign that's for their own good, with one Znet.com blogger even going so far as to list five reasons DNSChanger victims deserve to lose the Internet. Though it's a little harsh, I agree with it. A couple of years ago we had a payment policy change. A notice was included in the email that goes out with every invoice (the actual invoices are .PDF attachments with the email). This notice of an upcoming change that would affect every customer was in the invoice email for a solid year, yet there were still customers who were unaware of it when the switch occurred.

When you own a car, you get a license (which includes passing a test to make sure you know the basic rules of the road), and you learn what the different parts of the vehicle are and how they work. If it's a manual transmission, you learn how to shift gears without grinding them, you learn that if you run out of gas the car stops, you learn to put in oil. A computer is no different, if you own/use a computer you need to learn how to maintain it or pay someone to do this for you, just like a car. Think about it, if there was a recall for your car, would you have it checked? Of course you would.

It's a simple 10 second process, and there is absolutely NO EXCUSE for any computer user to not verify their computer is clean.

This website will show if you're infected: http://www.dns-ok.us/

http://www.dcwg.org/detect/ also lists DNS checkers for countries located outside of the US, or you can also use the list from the FBI's page. The FBI page is a little more difficult to use, since you'll need to enter your IP (sites like whatismyip.com will tell you).

If your computer is clean, you should be good to go. IF NOT, not only do you need to clean the malware infection from your computer, but you need to check your DNS settings, also! A lot of articles I've read about the DNSChanger infection aren't addressing that issue. The malware changes your DNS settings and redirects your computer and sometimes your router.

The DCWG.org page also lists how to manually check to see if your DNS settings have been changed.

Here's how to check if your router is infected and what to do

Lastly, no one is "losing" their Internet access. The Internet will still be there...you just won't be able to connect to it if you're infected, unless you use a websites' IP address, instead of the much-easier-to-remember domain name. Once the malware is deleted from your computer and your DNS settings restored, your computer will be able to connect to the Internet once again.