clock menu more-arrow no yes mobile

Filed under:

PSA: Thousands of DNSChanger malware victims could be knocked offline today

New, 11 comments

Thousands of malware victims may lose internet connectivity next week as the Internet Systems Consortium removes temporary clean DNS servers setup to assist infected users.


Despite repeated notifications from Google, Facebook, and internet service providers, thousands of users infected with the DNSChanger malware may lose internet connectivity next week. Although infections have since decreased, fraudsters infected millions of machines worldwide with a virus that altered DNS information to route legitimate internet traffic to servers that would steal information such as passwords and credit card numbers.

The FBI disclosed the full details of the attack in November, revealing that the malicious servers powering the malware would need to continue running to ensure infected users could still access the internet. A court order, obtained by the FBI, allowed the Internet Systems Consortium (ISC) to deploy and maintain temporary clean DNS servers, but this system will be turned off on July 9th. Some internet service providers may have technical solutions in place to handle the problem, but others will provide help to customers to remove the malware and return DNS settings to normal.

It's estimated that there is still around 277,00 infections worldwide, despite a massive clean up operation. If you're concerned about your own PC, or family members, then there's a DNS checker website or more information over at the DNS Changer Working Group.