FBI: Computers Infected with DNSChanger Trojan Will Lose Internet Access in July

Posted 04/23/2012 at 6:41am | by Paul Lilly

3

Comments

Print

Hundreds of thousands of infected PCs could be without Internet access beginning July 9, 2012, the day the FBI is planning to pull the plug on servers it seized that had been used to push ads to computers infected with a malware Trojan called DNSChanger. Systems infected with DNSChanger end up being redirected to the servers that were once under the control of the cybercriminals, but now belong to the FBI.

In cooperation with Estonian police, the FBI was able to take control of the servers, and the decision was made to keep them online so that the millions of infected PCs could still have Internet access. It's estimated that some 350,000 PCs are still infected with the DNSChanger Trojan, and if they're not cleaned up by July 9, they'll be unable to connect to the Internet. That's because the DNSChanger Trojan works its malicious mojo by intercepting DNS server requests sent by infected PCs whenever an Internet user clicks on a hyperlink or manually types in a URL. It's a fairly simple trick that resulted in about $14 million in illegal gains for the cybercrooks behind the scam.

If your PC is one of the 350,000 that are still infected, the Internet will essentially go dark beginning July 9. There a couple of different ways you can check. The first one is to visit DWCG's website and run through a quick (and free) diagnostic that simply entails clicking a URL. The second way is to manually check your system's DNS settings, directions for which can be found here (PDF).

Source: Forbes

Image Credit: DWCG