5 replies to this topic

[ShyWriter]

.


FBI Pulls The Plug On DNSChanger Network, Infected PCs Lose Internet Access [Updates]

July 10, 2012
By Matt Smith

On July 9^th, 2012 at 12:01am the FBI finally pulled the plug on a set of rogue DNS servers used by the trojan known as DNSChanger, potentially leaving hundreds of thousands without access to the Internet.

The malware has kept itself in the headlines because it changes the DNS settings of infected computers. Once changed, those computers have their traffic routed through servers set up by the hackers who developed the trojan.

FBI agents have long since caught up with the hackers responsible and captured the servers used to route traffic. But this presented the FBI with a problem – it could not shut down the servers because the infected PCs would suddenly lose Internet access.

An awareness campaign was launched to let users known of the potential threat. It included a site created by the DNS Changer Working Group that could inform visitors if their computer was infected. This has reduced the number of infected computers to around 250,000. Now, however, the servers are finally down for good – so those victims who remain infected are in the dark.

If you, or a friend, have suddenly experienced an unexplained Internet outage on one of your PCs there is a decent chance that DNSChanger is responsible. To remove it, visit the DCWG fix page on a computer that still has Internet access and download one of the many malware removal tools listed.

After you’ve removed the bug, check our coverage of the best free anti-virus programs and download one to keep your computer protected.

Source: CNET, DNS Changer Working Group

Steve

[DarkSnakeKobra]

Um, anyone else first notice they got the date wrong?

[mountaintree16]

Yeah wrong date.

At any rate, I hope the people had enough warning to fix it first... & likely their AV's were shut off too so hopefully they get that going when they are back on-line again...

[DarkSnakeKobra]

Yeah I hope these people get this fixed.

[sho-dan]

Malwarebytes gets a kind word right after the Trojan image at bottom from the author of this story. Click on DNSChanger under march 9th

or

Story URL addy http://www.makeuseof...break-internet/

[Elowan]

Despite repeated efforts at removal - DNSChanger is still on my system.. Furthermore even after 'removing' the malware and seeing it listed in Quarantine - a repeat scan 'detects' it again and it shows up again in the list in addition to the results of the first scan.

Any ideas?