by Dude-Suit on Jul.06, 2012, under News
DNS Changer a trojan botnet/virus kicked off around 2007 and has been spreading ever since. It infected computers using malware which modified a computer’s DNS entries to point toward its own rogue servers, which then injected its own advertising into web pages. Those ads have made millions for the hacker group that created the trojan malware.
To help combat such a large infection due to DNS Changer, the FBI had of course taken down the botnet, but to help infected computers still be able to aquire ip addresses for sites on the internet they used the ip address the trojan redirected people to and setup a clean DNS server.
This Monday July 9, 2012 those temporary servers are being turned off by the FBI. So any infected computers at that time will not be able to pull up a webpage, access email, or any services online. The way DNS works is we know websites and such by domain names, you type in a domain name your computer contacts a DNS server which acts as a sort of “phone book” and looks up the domain name’s IP address and returns the IP back to your computer so it knows how to contact the server you requested. If your computer was infected with the DNS Changer trojan then after Monday you may be connected online but unable to surf the web, check emails, or do anything online.
There are some websites setup to test your system very easily to see if you have been infected.
Just go to this web address: http://www.dns-ok.us/
if the background block is Green then you are fine and not infected.
if the background block is Red then you are infected, but don’t fret here is some instructions to follow to fix your system and remove the DNS Changer malware.
This site has instructions for Windows XP, Vista, and 7 as well as Mac OS: http://www.dcwg.org/detect/
More information: http://en.wikipedia.org/wiki/DNSChanger