Internet to shut off July 9th! – Blackout due to infected DNS Server.

Internet shut off button. Do Not Press!

 

Malware, its a son of a *****.

On Monday, June 9th, there are going to be roughly 3.5 million people out there who are going to have a bad day. This is the day of operation “Internet shut off.”  Why will this happen? Well that’s a long story, but it all boils down to malware that is no longer harmful. Sounds like a oxymoron, right? Keep reading.

It revolves around DNS. What’s DNS? It stands for domain name service which is run on servers all over the world. A DNS is sort of like a translator, you give it one thing and it interprets it for you. Specifically what a DNS does is it takes easy to remember web addresses like www.theskynet.org and turns them into a IP (internet protocol) address for you. The IP address for the skynet.org is 134.7.38.92, so technically you could open up a new tab in your web browser and get to the website by typing in the URL field either www.theskynet.org or 134.7.38.92.

Think of it like this. Say you and your friend John are at the airport after that long flight from that wonderful vaca, you hop in a cab and say to the cabbie “bring me to my friend Jackie Smiths house”. The cabby looks at you in awe as you think he actually knows who and where your friend Jackie lives. Your friend John say to the cabbie “the address is 10973 W. Chicago street South, Heartland Wi. 33290″. John is like a DNS here, you give him the name of where you want to go, he gives you the address and sends you on your way.

So your computer and such are configured to call upon one of these domain name servers to get an actual IP address anytime you type in a website name in your web browser. But what would happen if the domain name servers were wrong, for example what if you type in www.eBay.com and the DNS gives your computer the address to Walmart instead. Or worse yet, what if hackers had their own domain name servers and your computer was configured to talk to these “rogue DNS” instead of a legit DNS? This is exactly what happened.

A few years ago, hackers were distributing malware that would change your computer and network setting to have your computer talking to their rogue domain name servers instead or legit ones. Once your computer was talking to these servers, hackers could give you addresses to anything they felt like. For instance, you browse over to your banks website, type in your credentials and hit the login button. The address the rogue DNS gave you was actually the address to a site made by hackers to look exactly like your banks website, now your online banking credentials are now in the hands of the bad guys. You look at the address bar and see www.yourbank.com, so you are none the wiser.

The good news is that one of our government agencies actually did something and shut these bad guys down years ago. The bad news is that millions upon millions of peoples computers were infected with the malware and network settings changed to talk to the rogue DNS. So when the FBI caught and shut down the ring, they could not just simply turn off these rogue DNS servers. Doing so would result in all those people that were infected, all of a sudden having apparent loss of internet service since their computers would call upon a DNS that no longer exists. So the FBI instead “cleaned” the rogue DNS servers until people could get the malware removed and computers in proper working order. The issue is thoroughly documented at the FBI’s site and DCWG (DNS changer working group).

So in a sense, this malware is no longer really harmful since the FBI took care of it on the back end, but on July 9th they are going to be turning off the cleansed rogue DNS servers for good. This means that the remaining 3.5 million computers out there still relying on these DNS servers will have there internet go poof once the servers are shut off. Like I said, these folks will have apparent loss of service, apparent being the operative word. They will need to have their computers and networks serviced to point to one of the real legit DNS servers. After that is done, peace will be restored.

So how do you find out if you are one of the lucky ones that will discover the great outdoors July 9th when the Internets suddenly break? Easy, there are websites set up to detect if you fell victim or not. All you have to do is give one of the sites a visit and it will tell you if you are in the clear or not. One of these sites can be found here.

So be for operation “Internet shut off” get those PC’s checked and repaired folks. The repair guys at Icermedia.com are most certainly going to be deprived of sleep and buzzed up on red bull for the weeks following July 9th so get in touch with them sooner than later, they will get you back up and running lickity split. Same goes for those of you that bought one of the tech-support packages from Bestbuys GeekSquad, get them in now so you don’t have to wait the unusual long wait times to get your PC repaired. Geeksquads turn time is normally a few days anyhow, imagine how long you will have to wait if you bring your PC in the same day 3.5 million others scramble to get their internet working again.

I hope none of my readers run into this problem, even though a few days outside doesn’t sound all that bad. Make sure to like this post and spread the word. And as always, leave a comment and rest assured that you favorite politician, All Gore, will live to see another day.

Cheers

Jerm

About Jerm

Jeremiah Johnson is the tall, dark, handsome Co-Owner of IcerTechnologies, an I.T. Hardware and Software company. A stock trader and technology enthusiast, Jeremiah is always digging deep into industries to see what the future holds. ThingsMicro.com is his personal blog where he writes about anything he finds interesting in life. Readers beware of poor, unedited grammars. His opinions are his own. (I like Turtles)