Make sure your computer is not using rogue DNS servers…before July 9

On July 9, 2012, there is a chance that many computers will cease to be able to surf the web because of malware that proliferated among millions of computers starting in 2007. You can find out if your computer is among them.

Why will computers stop being able to surf the web?

Starting in 2007, an Internet fraud ring running out of Estonia infected millions of computers worldwide with a virus to manipulate internet advertising. The way they did this was by redirecting users to rogue DNS servers which gave the cyber thieves the ability to manipulate users’ web activity by redirecting them from legitimate websites to fraudulent ones.

US authorities seized the rogue servers and replaced them with legitimate ones in order not to disrupt victims’ access to the web. However, those servers have been funded by US taxpayer dollars since November 2011, and of course this cannot go on indefinitely. The planned date for turning off the servers is July 9, which means that computers that have been accessing the web via these rogue-turned-legit servers, will lose that ability.

How to check if your computer is using rogue DNS servers

To find out if your computer is clean, or is using the rogue DNS servers, take the following steps:

  1. Find out what your computer’s IP address is. You can do this by visiting this site: WhatIsMyIP. Your IP address is the 10 digit number that looks like this: Copy it down somewhere.
  2. Visit the following page on the FBI site: Paste your IP address in the tiny field that appears towards the top of the page:
  3. Click on Check Your DNS. If your computer is clean, you’ll see the message: “Your IP is not configured to use the rogue DNS servers,” and you can breathe a sigh of relief.

If your computer is not clean, then you’ve got quite a job ahead of you. Visit this page on the DNS Changer Working Group site to see the steps you should take to clean your computer. Yikes.


Internet doomsday on July 9th? Don’t panic!, Sophos Naked Security Blog.

International Cyber Ring That Infected Millions of Computers Dismantled, FBI.

  • Chava

    Thank you very much for this, Miriam. I checked, and I’m clean. I use my computer for work online, so this is important to me.

    I saw your posting on Digital Eve Israel. I have never commented, but I’ve belonged to this group since my aliyah in 2007.

  • Illuminea once again proves that it is one of the best resources available online today, and perhaps even a secret weapon that the country should consider utilizing on a global scale…! Thank you Miriam for this excellent tip. :-)

    • MiriamSchwab

      Debbie, you’re hilarious. Lol!

  • gdask

    should you not be typing into the fbi field box the dns entry that you use or your isp uses or your routers dns ip from it’s isp, why would you want to put in the wan ip of your connection?

  • Zou

    Nyeh, thank god. I didn’t know what it meant on the FBI site. I mostly draw so I need my computer <3.