Thursday, July 5, 2012

What to do if your computer loses Internet access on Monday due to DNS Changer Malware

What seems to be the problem?
In November 2011 FBI, the NASA-OIG and Estonian police attested cyber criminals in 'Operation Ghost Click'. The criminals used to distribute DNS changing viruses. What they did was operate a botnet around the world and infected people's computers altering their DNS settings. DNS settings are the settings your computer or PC uses to connect to the internet. If the settings are changed or altered - your PC will not be able to connect to the internet.

How does it work?
So once your computer's DNS settings are changed when you type in a URL in the search bar. you will not be taken to the site you intend to go. Instead infected computers will throw-up sites that are malicious and misleading designed to trick you into giving your personal information.  Also pointing users to dangerous products. When users click on the ads that accompany these pages the bad-guys stand to make millions of dollars. 

Why are computers being affected now?
When the FBI discovered this problem they found and took down the servers the criminals were using. This prevented users computers from facing further problems. The agency then activated replacement servers as a safety net. The system is being being shut down as of 12:01 a.m. ET on Monday.

How many computers were affected worldwide?
The Malware is supposed to have spread to 570,000 machines worldwide and about 64,000 windows PCs in the US. 

How to check if my PC has been infected?
You can go to  which is an FBI approved website and by simply visiting the site you will be show a green or red image. Green if you PC is clean and red if it is infected. In fact Google and Facebook will also be letting users know if their machines carry the DNS changer Malware. 

What to do if I find my PC is infected with the DNS Changer Malware?
Go to for more instructions on what to do if your PC is infected. If your PC is unable to connect to the internet you can always contact your internet service provider for guidance on how to change your DNS settings. you would also need to make sure that the virus is cleaned from your system by your internet service provider. 
Source: USA Today via Chron

An original post by


No comments:

Post a Comment