Sunday, July 08, 2012

How to detect and fix a machine infected with DNSChanger

By Topher Kessler, CNET

The FBI will be closing the DNSChanger network on Monday, after which thousands worldwide are expected to no longer be able to access the Internet.

On July 9, the FBI will close down a network of DNS servers that many people have been depending on for proper Internet access. These servers were originally a part of a scam where a crime ring of Estonian nationals developed and distributed a malware package called DNSChanger, but which the FBI seized and converted to a legitimate DNS service.

This malware scam has been widespread enough that even third-party companies like Google and Facebook and a number of ISPs like Comcast, COX, Verizon, and AT&T have joined in the effort to help remove it by issuing automatic notifications to users that their systems are configured with the rogue DNS network.

If you see this or similar warnings when using Google or other services, then be sure to check your system for malware.
(Credit: CNET)

If you have recently received a warning when performing a Google search, browsing Facebook, or otherwise using the Web that claims your system may be compromised, then you might consider taking a few steps to check your system for the presence of the malware. This can be done in a couple of ways. First you can check the DNS settings in your system to see if the servers your computer is using are part of the rogue DNS network.

Read the entire article here.

No comments: