FBI to disable DNSChanger protection: are you safe?

By on
FBI to disable DNSChanger protection: are you safe?

Despite being identified and a fix being published, the DNSChanger trojan is still out there. Here's what you need to know.

What is a trojan?

A trojan is a small computer program that looks OK but harbours a malicious payload. A typical way for a trojan to get on to your computer is for you to download a file - like a free movie or program that purports to be useful - that contains some malicious computer programming.

What is DNS?

DNS is the system that runs on the Internet and translates web addresses into computer addresses.  For example, it's a DNS server that takes www.bit.com.au and directs you to the specific computer that holds the website.  That way, if www.bit.com.au is moved to a different server, you don't need a new web address. All that changes is the DNS record so that you're redirected to the correct server.

What does DNSChanger do?

The DNSChanger trojan changes the DNS server record on your computer. As a result, when you try to visit any website, you're redirected to a different site. For example, you try to visit www.bit.com.au but end up being directed to www.evilsoftwarecompany.com.

That site typically contains other malware that infects your computer and potentially creates real havoc with your system.

The problem isn't with the site you intended to visit but with your computer and the infected DNS server.

DNSChanger affects Macs and Windows systems.

What's the impact?

DNSChanger was reported earlier this year. Almost immediately, free services were setup online to let you know if your system was infected. The ACMA set up a local site for detecting DNSChanger.

The FBI took steps earlier this year to shut down DNS servers that were affected by DNSChanger so that infected computers were protected. However, that protection will be lifted on 9 July 2012. If you're computer is still infected, your access to the Internet may stop.

How do you remove DNSChanger?

Fortunately, there are plenty of tools for removing DNSChanger. Start by visiting the ACMA website to check if you're infected.

If you are, then make sure your antivirus software is up to date and do a full system scan.

Use an uninfected computer to download a DNSChanger removal tool. There are several on the Internet but searching the website of your antivirus supplier will find a tool that works. Put it on a USB stick and run it on your computer.

When it's finished working, go back to the ACMA website and check again.

UPDATE: Bitdefender has released a free Bitdefender DNS Changer Fixer for correcting your Internet settings.

Copyright © BIT (Business IT). All rights reserved.

Most Read Articles


What would you like to see more of on BiT?
How To's
Photo Galleries
View poll archive

Log In

  |  Forgot your password?