DNS Changer Malware May Shutdown Half a Million Computers

DNS Changer Malware May Shutdown Half a Million Computers

Would you share this Article with others?

Google is currently displaying a warning message in the search results of computers that are infected with the DNSChanger malware. They are doing this to help prevent 500,000 computers from going offline July 9, 2012. The DNSChanger malware is a trojan horse (malicious software) that changes your DNS (Domain Name Services) settings to redirect you to a malicious website.

Your DNS is responsible for translating a domain (onlinethreatalerts.com) into an IP address number so that a website can be located on the internet. The internet is made up IP addresses similar to your telephone system. Every website has an IP address number (, just as how every telephone has a number (921-555-4586).

When you type www.onlinethreatalerts.com into your browser, it sends the domain name to your DNS, which searches for the name and returns the IP address. With the IP address, your browser can locate www.onlinethreatalerts.com on the internet. Without the DNS around the world, the internet would not work properly, unless you have the IP addresses of the websites that you are visiting. Just think about your cell phone contacts; it is easy to search for a name and call the person who you want to talk to. What if you didn't have your phone book; it would be difficult to find someone's phone number by just looking at numbers only.

If the DNSChanger malware changes your DNS settings, it means that you will be taken to a malicious website, when you type the name of a legit website in your browser.

Let us take your cellphone contacts as an example:

If someone goes into your cell phone book (contacts) and changes the phone numbers of your contacts, when you dial the contacts by name, you will be calling someone else, instead of the names of the persons that you have dialed. That is what the DNS changer trojan does to your computer DNS settings.

Google displaying a warning message in the search results, of a computer that is infected with the DNSChanger malware.

Google displaying a warning message in the search results, of computers that are infected with the DNS changer malware

The FBI was able to arrest the persons behind this scam, but they are not able to remove the DNSChanger malware from the over half of a million computers infected.in order to prevent those computers from going offline, the FBI converted the DNS servers used by the scammers to a legitimate one. This was done to give the persons with the infected computers, sufficient time to remove the malware from their computers.

These converted DNS servers should have been taken down on March 9, 2012, but was postponed until July 9, 2012. If the malware from the infected computers is not removed, they will not be able to browse the internet on and after July 9, 2012.

You can use the following websites, to check if your computer is infected with the DNSChanger malware:

Use the following tools to remove the DNS Changer malware:

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com. And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Recommended by us: Malwarebytes Endpoint Protection provides what your antivirus can't: complete confidence. Its powerful technologies detect and remove zero-hour malware engineered to evade standard endpoint security.
Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

DNS Changer Malware May Shutdown Half a Million Computers