In early summer, there was the alarming news that the Internet would be disconnected on July 9. This statement was officially made by the US Federal Bureau of Investigation, and this disconnection to a certain extent could have affected the Runet. The reason is the discovery of a new DNS Changer virus.
The fears of federal agents are well grounded. DNS Changer forces computers of Internet users around the world to click through certain advertising links, thus bringing high profits to the creators of the virus. In addition, fraudsters stole credit card information, passwords, and replaced the existing antivirus software with a modified one. That is why DNS Changer was perfectly protected from detection by various antivirus programs. Only those with weak computers and low-speed connections have experienced some connection delays. The total income received by the scammers is estimated at $ 14 million. Despite the arrest of all six creators of the Trojan, Estonian citizens, the virus threat persists.
First of all, the danger from DNS Changer lies in its ability to change the algorithms of antivirus programs so that they do not detect a virus. Moreover, the modified algorithms reduce the overall level of computer security.
Also, when the virus redirects traffic to the desired sites, domain names are substituted. This technology allows the creators of DNS Changer to selectively disconnect individual users and groups of users from the Internet. According to intelligence gathered by federal agents, on July 9, the hackers who remained at large could have instructed the virus to disconnect anyone whose computers were infected from the network.
Even an approximate estimate of the number of users with a carrier of this virus has exceeded 500 thousand people around the planet. The FBI also feared that after the onset of the global hacker shutdown, the victims would only have to reinstall the system, losing all saved data irrevocably.
In order to counter the malicious DNS Changer, the FBI planned on July 9 to disable temporary DNS servers infected with the Trojan in advance and replace them with a clean DNS server. This server was specially created and launched back in November 2011, but the high cost of its maintenance does not allow it to be maintained for a long time. Also, a specialized site was created that allows any visitor to be guaranteed to detect DNS Changer.
But, in fact, everything turned out to be not so scary. In any case, for Russian users, most of the infected machines were located in the United States. Therefore, only a few Russians noted some connection disruptions on July 9. And users of the Linux operating system were not affected at all.
