DNSChanger Malware
DNSChanger Malware

Many internet users must be panicking on hearing the news that the Federal Bureau of Investigation (FBI) will block about 500,000 users around the world on Monday, July 9.

DNSChanger Malware
DNSChanger Malware

Yes, internet users, who have installed or downloaded a malicious program called DNSChanger, may not be able to access internet on Monday. The investigating agency has decided to crack down on this malicious malware that redirects users to fake advertising websites.

"The FBI has uncovered a network of rogue DNS servers and has taken steps to disable it. The FBI is also undertaking an effort to identify and notify victims who have been impacted by the DNSChanger malware. One consequence of disabling the rogue DNS network is that victims who rely on the rogue DNS network for DNS service could lose access to DNS services. To address this, the FBI has worked with private sector technical experts to develop a plan for a private-sector, non-government entity to operate and maintain clean DNS servers for the infected victims," said a statement by FBI.

What is DNSChanger Malware?

Accoring to FBI, DNS (Domain Name System) is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other.

Criminals have learned that if they can control a user's DNS servers, they can control what sites the user connects to on the Internet. By controlling DNS, a criminal can get an unsuspecting user to connect to a fraudulent website or to interfere with that user's online web browsing. One way criminals do this is by infecting computers with a class of malicious software (malware) called DNSChanger. In this scenario, the criminal uses the malware to change the user's DNS server settings to replace the ISP's good DNS servers with bad DNS servers operated by the criminal. A bad DNS server operated by a criminal is referred to as a rogue DNS server.

How to Fix Internet Shutdown?

Check if your computer is safe by visiting www.dns-ok.us, which is approved by the FBI. If you see green background, it means you are "safe", but red background signals "risk".

If you see 'red background', go to www.dcwg.org/fix to remove the malicious software. The site will guide you with steps to get rid of the virus.