DNSChanger is often a hidden threat
Up to one million users face an internet blackout on July 9 as managed malicious DNS servers are due to be shut down. The rogue DNS servers are currently in the control of the FBI, having been commandeered late last year.
It’s all because of a malware threat known as DNSChanger. DNSChanger alters DNS settings of infected computers, allowing cyber criminals to transparently redirect valid URLs to malicious sites. Malicious sites might mimic well-known services in an attempt to lure users to unwittingly handover passwords or credit card information.
Authorities in the United States ousted the Estonian criminals responsible for DNSChanger in November last year and have been operating the malicious DNS servers since to ensure continued internet access to those affected. The servers will be shut down on July 9. It’s believed that up to one million computers are still infected.
Google, however, has joined the fight. It has begun to detect and display warning messages to those using Google Search from infected machines and offer advice on how to rectify the problem. Google expects to notify around 500,000 of those infected within a week but inevitably, hundreds of thousands of users will still have their internet service disrupted come July 9.
With the help of CloudFlare we’ve implemented a similar warning system on this site. We’ll display a small warning notification only to those visiting from infected computers, so if you haven’t seen one by now you know you’re in the clear!
