Check Your DNS Settings Now! Combat DNSChanger!


DNSChanger as pictured on

(Reposted from C|net and other sources:)

Note: Following March 8, 2012 your computer if infected will lose internet connectivity and — if worst comes to worst — be redirected to malicious sites.

The malware scam DNSChanger that has affected numerous computer systems, including Macs, has been at least partly dismantled by the FBI’s Operation Ghost Click program. (But this program will be terminated in March 2012.)

DNSChanger is a Trojan horse that was distributed in many forms, and when installed it actively changes the infected system’s DNS settings to rogue servers that redirect legitimate searches and URLs to malicious Web sites that attempt to steal personal information and generate illegitimate ad revenue for the scammers.

The DNSChanger malware was first discovered around 2007, and since this time has infected millions of computers, around 500,000 of them being in the U.S., and through these computers the criminals have reportedly pulled in around $14 million in stolen funds. This success spurred the criminals to branch out from targeting Windows PCs to other platforms that include the Mac OS and also networking hardware such as routers, so entire networks could be scammed.

The Mac variants of the malware, found starting in 2008, were known as OSX.RSPlug.A, OSX/Puper, and OSX/Jahlav-C. These have been distributed through pornographic Web sites disguised as required video codecs for QuickTime, and as with the Windows versions, when installed the Trojan would change the system’s DNS settings to servers that would redirect legitimate Web URLs to malicious sites.

DNS resolution sequence

Image via Wikipedia

The DNS servers installed by the FBI replacing the rogue DNS servers will be switched off March 8, 2012!

Make sure you check your systems before that date. A quick check for your current settings can be performed by clicking on the link provided by the German Federal Office for Information Systems Security (BSI) or on 

More detailed instructions for Windows users:

Instructions for Mac users:

Instructions for Linux Users:

Instructions for Routers:

Read the full article:

About Hellmuth Broda

Independent Information and Communications Technology Strategist with an interest in the construction sites between business, society and technology.
This entry was posted in Internet, Security, Web and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s