In 2012, a family of malware called DNSChanger affected hundreds of thousands of internet users by changing their recursive DNS server settings to direct traffic to fake websites controlled by cyber criminals. Law enforcement arrested the suspects and seized control of the rogue servers, but many systems were still using them. On July 9, 2012, these servers were scheduled to be shut down, potentially cutting off internet access for affected users. Two internet infrastructure startups, CloudFlare and OpenDNS, collaborated with the DNS Changer Working Group (DCWG) to help inform infected users about their situation and provide resources to fix their systems before the shutdown date. The incident highlighted the importance of DNS in maintaining a secure and functional internet.