DNSChanger malware

There is malware that has been infecting both PCs and Macs called DNSChanger.    DNS stands for Domain Name System, which is the method that user-friendly addresses like thefamilyhelpdesk.com can be translated into an IP address like 72.233.69.6 which is usable by network to route packets on the internet (for more information on IP addresses see my glossary).   There is a setting for each of your computers/devices for the IP address of one or more DNS servers on the Net to make these translations for you in the background.  Most of you are getting this set by your router and ISP automatically.

What happens if malware is inserted into your device/computer that changes that mapping to a illegitimate DNS server.  The illegit server can then pose as a legitimate service and serve up illegitimate IP addresses to in essence highjack your machine by infecting it with additional malware.

Last fall, the FBI arrested some Estonian nationals for crimes related to DNSChanger.  They also inserted into the Internet a “safety  net” for infected systems in the USA so that they are not affected by this infection.  This safety net is scheduled to be removed on July 9th of this year.  It’s important to check your PCs and Macs to insure you’re not infected (there doesn’t seem to be any indication that this particular malware is an issue for smart phones, tablets and other devices).

To check, on each of your computers, go to this FBI website: DNS-OK.  If it indicates GREEN, then you’re OK.  If not, then go here for more information.

Suzanne Choney has written an informative article on this topic that I highly recommend that you read.

1 Comment

    Trackbacks

    1. DNSChanger malware may resurface Monday | reportergary.com

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s

    %d bloggers like this: