Despite education and remediation efforts on the part of the Federal government and the security industry, and with the deadline fast approaching, more than ten percent of Fortune 500 enterprise systems are still infected.
In November 2011, federal prosecutors had revealed the outcome of Operation Ghost Click, an investigation that resulted in the arrests of seven suspect who were alleged to have infected millions of computers with DNSChanger malware.
DNSChanger hijacks the domain name system (DNS) on infected systems and sent internet requests to a rogue DNS server rather than a legitimate one.
After the rogue servers were seized, the FBI replaced them with clean servers in order to prevent millions of infected Internet users from losing their Internet connectivity.
"On July 9th, those servers are coming down barring a last-minute extension, and many computers—including machines at 12% of the Fortune 500—are still infected with the malware," security provider IID (Internet Identity) reports.
Those companies may experience a loss of connectivity, and potentially a devastating interruption in business operations.
US-CERT "encourages users and administrators to utilize the FBI's rogue DNS detection tool to ensure their systems are not infected with the DNSChanger malware. Computers testing positive for infection of the DNSChanger malware will need to be cleaned of the malware to ensure continued Internet connectivity."