PSA: Evict DNSChanger now or lose the web Monday

Jul 8, 2012
10

Today's malware has a deadline: get rid of DNSChanger now, or come Monday, July 9, you may find yourself without access to the internet altogether. Hundreds of thousands of computers around the world have been infected by the trojan, which changes DNS settings - among other things - so as to route web traffic through compromised servers. Now, the FBI is preparing to pull the plug on those servers - and many people's internet connection with them.

Since the FBI and other law enforcement agencies seized control of the botnet behind DNSChanger, a temporary DNS server network has been running in its stead so as to keep infected users online. That network will cease operating on Monday.

"The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet" DNSChanger Working Group

The best news is, checking for a DNSChanger infection on your system and, if found, getting rid of it is straightforward. First step is heading to dns-ok.us in your browser: that will tell you whether or not there's a sign that your computer has been infected. If it's green, you're in the clear (though it's probably still worth forwarding this article on to friends and family - particularly net-confused parents - who might need some assistance checking their own machines).

If it's red, however, you have a DNSChanger problem. Thankfully there are multiple options to get rid of it: Microsoft has a tool, as do key anti-virus vendors such as McAfee and Norton. There's a full list of them here, and usually it's just a case of downloading and running an app to get your computer back on an even keel.


Must Read Bits & Bytes