Alert: FBI Takes control of scammers

In November 2011, the FBI intercepted and interrupted a network of Cybercriminals who created some software that controls how people connected to the internet. On July 9, the FBI will start turning off these rogue servers, and if you have been affected, you will be unable to access the internet.

The software that was written changes your DNS settings to point to the cybercriminals servers. This allowed the crooks to look at the data transmitted over the connection. Once the FBI disabled the site, they kindly substituted a clean site in place of the criminal’s site. This was only going to be a temporary solution which will start to be turned off from 9 July.

Am I affected?

It is a bit tricky to tell, however there are some sites at the end of this article that can check your settings automatically.

How did it work?

The internet works on a series of numbers called IP Addresses. The numbers are not very people friendly and look like 207.46.232.182 for Microsoft. To make it easier, a clever person invented a “Domain Name Lookup Service”, or DNS. The means that “microsoft.com” to humans looks like 207.46.232.182 to computers.

By controlling how the names were translated, the criminals were able to hijack were people ended up, and could be redirected to a malicious site to collect passwords on fake sites that looked like the real thing. This is termed a “Phishing” attack.

Can it be fixed?

Yes, have a look at the sites below, and they all give instructions on what to do.

Related links

• FBI Site that explains the issues
• Sites that help you check if your computer is infected, and how to undo any changes.
  • Australia
  • German
  • Canada