
DNSChanger

Forrest Stroud
Last Updated May 24, 2021 7:40 am

DNSChanger, also referred to as DNS Changer and nicknamed the “Internet doomsday” virus, is a type of malware used by hackers to change a user’s DNS server settings, replacing the ISP’s valid DNS servers with rogue DNS servers operated by the hacker or a third party.

In November 2011, the U.S. FBI discovered a network of rogue DNS servers that were receiving traffic from computers infected with the DNSChanger malware. The FBI disabled these servers and replaced them with servers that would provide valid DNS addresses.

However, in a cost-cutting move, the FBI shut these replacement servers down on July 9th, 2012, which meant computers still infected with DNSChanger would no longer be able to access the Internet unless their DNS settings were redirected to new, “clean” DNS servers.

The group responsible for the FBI’s servers (the DNS Changer Working Group) has set up a website to help users diagnose computers and remove the DNSChanger malware if necessary.
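The change this entry describes is observable on the host: its configured resolvers are no longer the ones the ISP or organisation assigned. The following Python code is an added example (not part of the original entry and not a DNS Changer Working Group tool) that audits resolv.conf-style text against an allowlist; the network ranges, the sample file and the function names are constructed for illustration.

```python
import ipaddress

# Constructed values: RFC 5737 documentation ranges stand in for real networks.
EXPECTED_NETS = ["192.0.2.0/24"]        # assumption: resolvers your ISP/organisation assigns
KNOWN_ROGUE_NETS = ["203.0.113.0/24"]   # placeholder for a published rogue-resolver range list

SAMPLE_RESOLV_CONF = """\
# constructed sample, not taken from a real host
nameserver 192.0.2.53
nameserver 203.0.113.10   ; entry a DNS-changing infection might leave behind
nameserver fe80::1%eth0
nameserver not-an-ip
search example.com
"""

def parse_nameservers(text):
    """Return the nameserver values from resolv.conf-style text, in file order."""
    servers = []
    for line in text.splitlines():
        # Drop '#' and ';' comments, then look only at 'nameserver <addr>' lines.
        fields = line.split("#", 1)[0].split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def _in_any(addr, nets):
    """True if addr falls inside any CIDR in nets (address families must match)."""
    parsed = (ipaddress.ip_network(n) for n in nets)
    return any(addr.version == n.version and addr in n for n in parsed)

def classify(server, expected=EXPECTED_NETS, rogue=KNOWN_ROGUE_NETS):
    """Label one resolver: 'rogue', 'expected', 'unexpected' or 'invalid'."""
    try:
        addr = ipaddress.ip_address(server.split("%", 1)[0])  # strip IPv6 zone id
    except ValueError:
        return "invalid"
    if _in_any(addr, rogue):       # the blocklist wins even if ranges overlap
        return "rogue"
    if _in_any(addr, expected):
        return "expected"
    return "unexpected"            # not known-bad, but not what was assigned: review

def audit(text):
    """Classify every configured resolver in the given resolv.conf-style text."""
    return [(s, classify(s)) for s in parse_nameservers(text)]

if __name__ == "__main__":
    for server, verdict in audit(SAMPLE_RESOLV_CONF):
        print(f"{server:20} {verdict}")
```

Resolvers handed out by a home router over DHCP can also be altered, so the same comparison is worth running against the router's configured DNS servers, not only the host's.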