The FBI is currently scheduled to take several temporary DNS servers offline on March 8th; an action that could result in the disconnection of millions of Internet users. This dilemma stems from a nasty trojan that was circulating back in 2011 called DNSChanger. This bug was used to alter a user’s DNS settings, and law enforcement used temporary DNS servers to give everyone time to fix the problem. Experts fear that many systems are still infected, and risk failure on March 8th.
DNSChanger used the modified DNS server settings to route users to malicious (and possibly illegal) domains instead of the ones they intended to visit. The feds worked with Estonian authorities to apprehend the creators of DNSChnager, but that left millions of computers still infected. The fix was to set up a few DNS servers to intercept the traffic from these systems and keep the data flowing. Now that the servers are due to be taken offline, some people might suddenly have busted connections.
DNSChanger was a surprisingly widespread infection that wormed its way into half of all Fortune 500 companies and nearly that proportion of government agencies. There is still a chance that the FBI will be allowed to leave the servers in place a little longer, but no guarantees. Do you think DNSChanger will have one final laugh on March 8th?