July 9, 2012 Virus – Not A Hoax

After July 9, you may lose internet access on your PC thanks to the FBI. Not because of something they will do on July 9, but because of something they will stop doing. Confused yet? Let me explain.

Most of you have been a victim of mal-ware at some point in the past few years. It goes by many different names (Trojans, junk ware, ad-ware, that crap that screwed my computer, etc.). One of the recent variants has been particular nasty. It has been most commonly called TDSS, but also goes by Alureon, TidServ & TDL4. This malicious code changed your DNS settings and disabled your anti-virus programs, making you susceptible to further problems.

So what if they change my DNS settings? you may ask. DNS (Domain Name Services) is a critical function to your internet access. Every server, website and device on the internet is identified by an IP Address. DNS translates a domain name into that address (www.compu-type.net = 199.217.139.204). Without DNS, your PC cant find www.youtube.com (74.125.227.130) or www.facebook.com (69.171.224.53).

So what this international band of hackers did with the TDSS virus was tell your PC to use their DNS servers instead of those specified by your ISP, therefore controlling which servers you connected to when browsing the internet. You may have intended to go to www.google.com, but they could redirect you www.EstoniaRulez.com or virtually anywhere. And that anywhere usually involved pushing more malware on your PC, making your PC slower and slower, and risking the security and privacy of your data.

How does the FBI fit in? In November 2011, the FBI along with Estonian police, arrested these cyber crooks in Operation Ghost Click. Once the criminals were in custody, the FBI realized that shutting down those DNS servers would create havoc for potentially millions of internet users worldwide because those DNS requests would go unanswered. So under a court order, they have been operating safe DNS servers in the place of the malicious servers so that PCs infected with TDSS can function almost normally (aside from the slow internet, disabled anti-virus, annoying pop-ups, etc).

On July 9, 2012, that court order expires and those servers will go silent. If you have TDSS, you will not be able to use the internet at all after those servers are shut down. It is crucial that you get your PC tested and cleaned before that date. The FBI has setup a website that will tell you if your PC is infected with this malware (http://www.dns-ok.us). If you get this result:

Then congratulations your machine is clean. If not, call us and well take it from there. But just be sure to do this before July 9, before the FBI shuts down your internet for good.