By Jim Donahue
The FBI announced yesterday that more than 277,000 computers the world over may crash on Monday, July 9th, 2012 because of a malware virus being spread on the Internet.
In its case against the Defendants, UNITED STATES v. VLADIMIR TSASTSIN, ET AL, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals in “Operation Ghost Click.” The criminals operated under the company name “Rove Digital” and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ and TDL4 viruses. You can read more about the arrest of the Rove Digital principals here and in the FBI Press Release.
The original story dates back to 2007 when a group of cyber-hackers launched malware dubbed “DNSChanger,” infecting millions of computers in hundreds of countries with code that allowed them to manipulate the way Internet ads appear in browsers.
“We started to realize that we might have a little bit of a problem on our hands because … if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service,” said Tom Grasso, an FBI supervisory special agent. “The average user would open up Internet Explorer and get ‘page not found’ and think the Internet is broken.”
The FBI is seeking information from individuals, corporate entities and Internet Services Providers who believe that they have been victimized by malicious software (“malware”) related to the defendants. This malware modifies a computer’s Domain Name Service (DNS) settings and thereby directs the computers to receive potentially improper results from rogue DNS servers hosted by the defendants.
If you believe you have been victimized in this case, please type your DNS information into the search box below.
Information on how to determine your DNS settings, along with other technical details about DNSChanger, can be found at
You can also test to see if you are affected by visiting the following DNSChanger Check-Up sites below.
If this Check-Up site indicates that you are affected by DNSChanger, and then visit http://www.dcwg.org/cleanup.html for information on how to address this problem.
For more information, click here for a link to the FBI website, or copy and paste this URL https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS.