Jump to content

FBI Pulls The Plug On DNSChanger Network, Infected PCs Lose Internet Access [Updates]


Recommended Posts



FBI Pulls The Plug On DNSChanger Network, Infected PCs Lose Internet Access [updates]

July 10, 2012

By Matt Smith


On July 9th, 2012 at 12:01am the FBI finally pulled the plug on a set of rogue DNS servers used by the trojan known as DNSChanger, potentially leaving hundreds of thousands without access to the Internet.

The malware has kept itself in the headlines because it changes the DNS settings of infected computers. Once changed, those computers have their traffic routed through servers set up by the hackers who developed the trojan.

FBI agents have long since caught up with the hackers responsible and captured the servers used to route traffic. But this presented the FBI with a problem – it could not shut down the servers because the infected PCs would suddenly lose Internet access.


An awareness campaign was launched to let users known of the potential threat. It included a site created by the DNS Changer Working Group that could inform visitors if their computer was infected. This has reduced the number of infected computers to around 250,000. Now, however, the servers are finally down for good – so those victims who remain infected are in the dark.

If you, or a friend, have suddenly experienced an unexplained Internet outage on one of your PCs there is a decent chance that DNSChanger is responsible. To remove it, visit the DCWG fix page on a computer that still has Internet access and download one of the many malware removal tools listed.

After you’ve removed the bug, check our coverage of the best free anti-virus programs and download one to keep your computer protected.

Source: CNET, DNS Changer Working Group


Link to post
Share on other sites

Yeah wrong date.

At any rate, I hope the people had enough warning to fix it first... & likely their AV's were shut off too so hopefully they get that going when they are back on-line again...

Link to post
Share on other sites

  • 1 month later...

Despite repeated efforts at removal - DNSChanger is still on my system.. Furthermore even after 'removing' the malware and seeing it listed in Quarantine - a repeat scan 'detects' it again and it shows up again in the list in addition to the results of the first scan.

Any ideas?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.