Thousands May Lose Internet Monday Because Of Computer Virus

Malicious software from 2007 could make it so thousands of people lose their Internet access on Monday.

A little background is necessary to explain why.

On Nov. 8, 2011, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals in “Operation Ghost Click.”

The criminals, operating under the name Rove Digital, distributed DNS-changing viruses that were known as TDSS, Alureon, TidServ and TDL4 viruses.

The viruses altered user domain name system settings, which pointed their victims' Internet searches to malicious DNS in data centers in Estonia, New York and Chicago.

The malicious DNS servers altered user searches and pointed them to places that promoted fake and dangerous products. Because every web search begins with DNS, the virus essentially showed users an altered version of the Internet.

Under a court order, which expires Monday, the Internet Systems Consortium is operating replacement domain name system servers for those infected by the Rove Digital network.

This gives affected networks time to identify infected computers so they can avoid sudden disruption of their Internet services.

Internet users can check http://www.dns-ok.us/ to see if their computer is infected. (The web site is safe and run by a group that was hired by the FBI. However, it does not work with Internet Explorer so computers should use a different browser.)

For more information on the virus and how to clear it from your computer, visit here.