It’s here, folks! If the replaced DNSChanger servers don’t get another deadline extension, more than 500,000* computers may not be able to reach their configured DNS service after next Monday, July 9, 2012. In other words, it will be practically impossible for the users of those computers to surf the Internet using human friendly domain names like www.eset.com. That’s right, many of the systems that were infected by DNSChanger still have the DNS (Domain Name Service) settings that were altered by the malware, even when the malware itself has been removed.
So, what exactly is DNSChanger?
If you have no idea what I am talking about, take a quick peek at one of our previously published posts:
- Time to check your DNS settings?
- DNS Changer (re)lived, new deadline: 9 July 2012!
- DNSChanger ‘temporary’ DNS servers go dark soon: is your computer really fixed?
Which countries had the most infections?
Courtesy of Shadowserver.org
How can you find out whether your system was affected?
Several web sites have been set up to provide a check-up service and additional information on the threat, such as dns-changer.eu or www.dns-ok.us.
How can you recover from it?
The malware can be completely removed from your computer using our free ESET Online Scanner and the system DNS can be re-set to use – for example – the Google Public DNS.
* Please, note that this number is an estimate and it is reflecting the fact that some IP addresses may be used by many systems.
Peter Stancik
Security Evangelist
