Home / Channel / Monday FBI ‘malware safety net’ removal aftermath

Monday FBI ‘malware safety net’ removal aftermath

If you have been reading Kitguru in the last week you will already be aware that the FBI were removing their safety net, exposing a DNS change left by malware on users systems. Initial concerns had assumed that almost a quarter of a million people could be affected, but the problem wasn’t as widespread as expected, primarily due to the ISP’s stepping in to protect their customers.

More than 4 million Windows PCs were infected by DNSChanger initially.

American ISP’s such as Time Warner Cable, set up their own safety nets when the FBI removed theirs, allowing infected users to continue accessing the internet. They didn’t issue details on how many people were affected.

AT&T said only a small percentage of their user base were affected by the virus. To make sure that their customers were able to access the internet the company maintained legitimate Internet servers for them until the end of the year. The intention is to give people plenty of time to remove the malware DNS changer from their systems.

Verizon Communications said they would “continue to provide extended support to our customers during the month of July — while continuing to instruct them on the necessary actions they must take to resolve the issue on their computers.”

In South Korea there were no reports from affected computers. Up to 80 computers may be infected, down from 1,798 listed in February, according to the government.

The top 20 country infections are shown below.

DNSChanger IP count
Source: @mikko

F-Secure posted a blog saying that the “Infection count continues to decrease without a major crisis in support calls. (We’ve only received a couple from our own customers.)”

In the UK, the infected machines dropped from 19,589 on June 11th to 13,832 at the weekend.

Kitguru says: If you aren’t sure if you are one of the infected users still being protected by their ISP, then head over to this website and get your machine checked, then cleaned if necessary.

Become a Patron!

Check Also

CD Projekt confirms stolen files starting to circulate online

CD Projekt Red has confirmed that the data stolen during a cyberattack in February has …