Subscribe to the InfoTech eNewsletter

infoTECH Feature

July 11, 2012

Alert ID: DNS Changer, the Effects of the Malware Persist

Effective July 9, 2012, all unclean DNS servers were taken offline. This meant that users on both Windows PCs and Macs infected by the DNS Changer would no longer be able to find servers by name; which could mean no connection to the Internet.

DNS Changer, as the name suggests, changes your DNS server settings. It is malware, first discovered in 2007, that is intended to redirect unsuspecting users Internet traffic to malicious DNS servers controlled by cyber thieves. These are thieves that target easy victims, but are capable of infecting almost anybody or any system even with anti-virus protection.

If a PC is hacked by a cyber thief, a malware could infect a computer system that have yet to be cleaned; this could slow the browser’s performance or allow the thief to control the victim’s Internet traffic and Web navigation. It could also allow cyber thieves to perform illicit activities, including click fraud when users are sent to websites containing rogue ads from which the thieves profit.

For years, ISPs have worked with the FBI to keep people from installing DNS Changer software and to locate infected computers that been hit by this program. According to the DNS Changer Working Group, this is a malicious program that has infected millions of computers worldwide; there have been individuals, businesses and government agencies infected.

To be sure one is not infected by the DNS Changer malware threat, users should perform this check to make sure the computer is DNS Resolution = GREEN. If it is RED, it means the PC is infected and it may mean one has to clean up possible infections; the PC’s network DNS settings might point to unclean DNS servers or something is not right with the PC networks connections properties. To check this, users should go to the Internet Protocol Version 4 (TCP/IPv4) page and make sure all items are checked and set properly.

A RED indication may also prevent one’s anti-virus software and operating system from updating, thereby causing the PC to be vulnerable to other malicious software attacks.

Users that still need assistance on how to clear the DNS Changer program from the computer can contact their Internet Service Providers (ISPs); they are a good source as they are still continuing to monitor their own systems for the malware program as well as their customers' computers to alert them that infected systems will be taken offline until they are cleaned.

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2012, taking place Oct. 2-5, in Austin, TX. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. For more information on registering for ITEXPO click here.

Stay in touch with everything happening at ITEXPO. Follow us on Twitter.

Edited by Brooke Neuman

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers