Thousands of people around the country whose computers were infected with the malicious DNSChanger software more than a year ago faced the possibility of not being able to get online after midnight EDT.
At 12:01 a.m. EDT, the FBI planned to shut down the Internet servers set up as a temporary safety net to keep infected computers online for the past eight months. The court order the agency obtained to keep the servers running expired, and it was not renewed.
DNSChanger Working Group
In a highly unusual move, the FBI set up the safety net. The bureau brought in a private company to install two clean Internet servers to take over for the malicious servers so that people would not suddenly lose their Internet.
The FBI arranged for a private company to run a website — http://www.dcwg.org — as a place where computer users could go to see if their computer was infected by DNSChanger, and find links to other computer security business sites where they could find fixes for the problem. (If you want a quick check of your computer's status, the FBI-authorized dns-ok.us site is fast — no software is required for the scan.)
From the onset, most victims didn't even know their computers were infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
Also, some people simply don't trust the government, and believe that federal authorities are only trying to spy on them or take over the Internet. Blogs and other Internet forums are riddled with postings warning of the government using the malware as a ploy to breach American citizens' computers. That's a charge the FBI and other cybersecurity experts familiar with the malware quickly denounce as ridiculous.
Still, the Internet is flooded with conspiracy theories:
"I think the FBI just wants everyone to go to that website to check our computers so they can check our computers as well. Just a way to steal data for their own research," one computer user said in a posting on the Internet.
Another observed: "Yet another ploy to get everyone freaked out ... remember Y2K."
There also is an underlying sense that this will be much ado about nothing, such as the approach of 2000. The transition to that year presented technical problems and fears that some computers would stop working because they were not set up for the date change. In the end there were very few problems.
Considering there are millions of Internet users across the country, several thousand isn't a big deal, unless you're one of them.
FBI
"These types of issues are only going to increase as our society relies more and more on the Internet, so it is a reminder that everyone can do their part," he said.
FBI officials have been tracking the number of computers they believe still may be infected by the malware. As of Wednesday, there were about 45,600 in the U.S. — nearly 20,000 less than a week ago. Worldwide, the total is roughly 250,000 infected. The numbers have declined steadily, and recent efforts by Internet service providers may limit the problems on Monday.
Tom Grasso, an FBI supervisory special agent, said many Internet providers have plans to try to help their customers. Some may put technical solutions in place that will correct the server problem. It they do, the Internet will work, but the malware will remain on victims' computers and could pose future problems.
Other Internet providers are simply braced for the calls to their help lines.
By Monday, if you can't read this online, those customer support lines will be your only solution.