In November, we posted an article informing you of (Operation Ghost Click), an investigation that resulted in the arrests of a ring of seven people who allegedly infected millions of computers with DNSChanger malware. Per court order, the FBI was being allowed to provide clean servers until March 8th. That expiration date has now been extended until July. Computers that are infected with the DNSChanger malware may lose Internet connectivity when these FBI servers are taken offline.
The Federal Bureau of Investigation (FBI) has written a data sheet regarding DNSChanger malware. The FBI’s data sheet also includes information on how to check your computer for this malware (you are urged to do so) and mitigating steps you should take if your computer is infected. However, according to the FBI’s article, there is currently no single patch or fix that can be downloaded and installed to remove this malware.
Note that to determine if a computer is using rogue DNS servers, it is necessary to check the DNS server settings on the computer. If the computer is connected to a wireless access point or router, the settings on those devices should be checked as well. In addition, the Agency has stated that It is quite possible that computers infected with this malware may also be infected with other malware.
As a reminder, individuals who do not have a recent back-up of their important documents and other files should complete a back-up before attempting to clean the malware or utilize the restore procedures that may have been packaged with your computer.
