dnschanger

One of the more widespread malware attacks that has affected Macs, Windows-based PC systems, and even network hardware such as routers is the DNSChanger Trojan, which has also been known as "RSPlug," "Puper," and "Jahlav."

This Trojan was first discovered in 2007, and was able to infect millions of PC systems worldwide. It remained active until 2011 when an FBI sting called Operation Ghost Click resulted in the arrest of an Estonian crime ring and seizure of the rogue DNS network used to maintain the attack.

The DNSChanger malware worked by setting up a … Read more

The FBI is warning that hundreds of thousands of people could lose their Internet connections come July, unless they take steps to diagnose and disinfect their computers.

The problem is related to malware called DNSChanger that was first discovered way back in 2007 and that has infected millions of computers worldwide.

In simple terms, when you type a Web address into your browser, your computer contacts DNS (or Domain Name System) servers to find out the numerical Internet Protocol (IP) address of the site you're trying to reach, and then it takes you there. DNSChanger fiddled with an infected … Read more

Today's malware purveyor bears little resemblance to the outcast-teenage-loner caricature popular in days past.

Last November the FBI's Operation Ghost Click led to the arrest of six Estonians charged with promulgating the DNSChanger malware, which the FBI claims allowed the gang to steal $14 million by manipulating the servers of online advertisers. Unfortunately, DNSChanger is estimated to have infected 100 million computers worldwide and 500,000 in the U.S., many of which haven't yet been disinfected.

CNET blogger Topher Kessler describes in the MacFixIt blog how the Trojan horse works. Yes, Macs are as susceptible to … Read more

Last year's DNSChanger malware scam was an effort by a small crime ring of Estonian nationals to steal personal information. The scam worked by distributing malware that when installed would change the user's DNS settings to point to the crime ring's rogue DNS network. Since the DNS system is essentially the Internet's phone book, this allowed the crime ring to route seemingly valid Web site URLs to malicious servers.

Using this malware, the crime ring was able to get personal information and use it to steal millions of dollars before the FBI's Operation Ghost Click sting … Read more

One of the more widespread malware efforts over the past few years was the DNSChanger scam, which installed a Trojan horse that would change the DNS server settings on affected computers to divert traffic to rogue servers.

The DNS system is essentially the Internet's phone book that allows your computer to resolve a URL to the IP address of the server that hosts its contents. By changing a computer so that it uses a rogue DNS server, the DNSChanger malware was thus able to redirect valid URLs (such as those for banking institutions) to malicious Web sites in order … Read more

If you've been familiar with the malware scene over the past few years, you know one of the prominent attacks on personal computers and information has been the DNSChanger scam.

DNSChanger is a Trojan horse that was distributed in many forms, and when installed it actively changes the infected system's DNS settings to rogue servers that redirect legitimate searches and URLs to malicious Web sites that attempt to steal personal information and generate illegitimate ad revenue for the scammers.

The DNSChanger malware was first discovered around 2007, and since this time has infected millions of computers, around 500,… Read more