Activist Post

This March 8th, the FBI is planning to unplug DNS servers it set up to help eliminate malware from over half of Fortune 500 companies and government agencies still infected in early 2012.

The change could potentially leave a great number of Internet users without access to the Web.

…the feds replaced the criminals’ servers with clean ones that would push along traffic to its intended destination. Without the surrogate servers in place, infected PCs would have continued trying to send requests to aim at the now-unplugged rogue servers, resulting in DNS errors.

The malware, called DNSChanger Trojan, is said to illegally redirect traffic and prevent users from accessing the updates necessary to remove it. Without access to these critical patches, these large companies, government agencies, and home users are said to be more susceptible to hackers.

This prompted InfoWorld to wonder:

This fact does raise the question of why so many Fortune 500 companies and government agencies have failed to notice they have a problem, as they presumably have IT security professionals on staff who should be monitoring such incidents.

Those computers still infected with the Trojan will not be able to access the Internet after the FBI shuts down their temporary servers.

The feds received a court order in November, 2011 to replace the “rogue” servers with surrogate servers to operate “just long enough for companies and home users to remove DNSChanger malware from their machines.”

Rod Rasmussen, president of Internet security company Internet ID, told Krebs on Security that there are still millions of PCs infected with DNSChanger. “At this rate, a lot of users are going to see their Internet break on March 8.”

A working group advising the FBI is said to be considering requesting an extension of the court order to give more time to users of infected machines to remove the malware.

Although this may indeed be a very real problem that Internet users must be vigilant to protect themselves from, depending on the government to provide servers when their own agencies are infected doesn’t seem like a trustworthy solution. Additionally, a previous private-government working group put together in 2009 to combat the Conficker Worm has accomplished very little as 3 million computers are still said to be infected.

These viruses are called Trojans because they are disguised as something friendly, enter computers, and then install malicious software. Someone with a healthy distrust of the government may see the FBI’s warning that millions will be cut off from the Internet as a Trojan Horse itself so that they may retain control over the new servers.

After all, if the FBI is controlling the “legitimate” servers, wouldn’t they have access to all the traffic information of individual users and large corporations?

To ensure your computer is not infected please follow the instructions here. And follow Krebs on Security for news updates pertaining to this story.

To read other articles by Activist Post click here.

Please help us combat censorship: vote for this story on Reddit — http://www.reddit.com/r/conspiracy/comments/pp4qt/fbi_receives_court_order_to_impose_targeted/