DNSChanger Malware Will Make Thousands Lose Web Access on Monday: How to Protect Yourself

8 July 2012, 11:17 am EDT By Anu Passary Mobile & Apps

Come July 9, thousands of people around the globe could end up losing access to the virtual world if their computer is infected with malicious software aka malware. Computers that are still running the DNSChanger malware will be denied Internet access as the FBI intends on disconnecting infected machines from the Internet. But fret not, as we're here to help you remove the malware.

The DNSChanger virus has in the past affected approximately 4 million global users. In November 2011, the FBI had made public the details of the virus post the arrest of the malware authors. As its name suggests, the notorious DNSChanger virus handicaps the ability of a computer to properly access the Internet's DNS system, in other words the Internet's phone book. The virus is known to redirect users to phony DNS servers, forwarding the users to fraudulent sites which promote bogus products or schemes. Estimates suggest that more than 277,000 computers worldwide are still infected with the virus, which is a fall from about 360,000 in April this year.

The FBI had not only effectively shut down this operation, but had brought in a private company to build two new servers that would act as a safety net and redirect traffic from users infected with the malware. This temporary safety net built by the FBI to counter the malware issue is going offline on July 9.

Earlier in March this year, the FBI released a statement to clarify why the servers were going down. "To assist victims affected by the DNSChanger malicious software, the FBI obtained a court order authorizing the Internet Systems Consortium (ISC) to deploy and maintain temporary clean DNS servers. This solution is temporary, providing additional time for victims to clean affected computers and restore their normal DNS settings. The clean DNS servers will be turned off on July 9, 2012, and computers still impacted by DNSChanger may lose Internet connectivity at that time."

The implications of this move are very clear; any individual whose machine is still infected with the DNSChanger will lose access to the Internet unless he/she removes the root cause i.e. the virus itself. Most victims are not even aware that their computer could be affected. In a bid to create awareness and to counter the problem, popular social networking sites and Internet providers have gotten involved to alert people.

Both Facebook and Google have created their own warning messages that showed up if someone using either site appeared to have an infected computer. Facebook users will get a message that says, "Your computer or network might be infected," along with a link that users can click for more information. Google users got a similar message, displayed at the top of a Google search results page. It also provides information on correcting the problem.

If a user wishes to check whether his/her computer is infected, they can visit http://www.dcwg.org. The website is maintained by a group hired by the FBI. A list of tools and system checks are available here, which can be employed to test if the computer is clean. McAfee and Trend Micro, also have free tools available on the site to help remove DNSChanger. Additionally, it's a good idea to take a back-up of all the files prior to using the free clean-up tools.

A stitch in time saves nine. Performing a system check would ensure that the user is on safe terrain and in a virus-free zone.

©2018Mobile & Apps, All rights reserved. Do not reproduce without permission.

Join Our Conversation

Sign up for our Newsletter

Most Popular

Real Time Analytics