Despite repeated notifications from Google, Facebook, and internet service providers, thousands of users infected with the DNSChanger malware may lose internet connectivity next week. Although infections have since decreased, fraudsters infected millions of machines worldwide with a virus that altered DNS information to route legitimate internet traffic to servers that would steal information such as passwords and credit card numbers.
The FBI disclosed the full details of the attack in November, revealing that the malicious servers powering the malware would need to continue running to ensure infected users could still access the internet. A court order, obtained by the FBI, allowed the Internet Systems Consortium (ISC) to deploy and maintain temporary clean DNS servers, but this system will be turned off on July 9th. Some internet service providers may have technical solutions in place to handle the problem, but others will provide help to customers to remove the malware and return DNS settings to normal.