DNSChanger-infected machines won't be disconnected, for now
Posted on 07.03.2012
It's good news for the owners of the computers still infected by the DNSChanger malware, as a US Federal Judge agreed with the Attorney's Office's formal request to keep the DNS servers to which the computers are connected running until more - ideally all - of those computers are cleaned.

Following the dismantling of the gang behind the botnet via Operation Ghost Click in early November of 2011, the original servers were replaced by clean ones run by the Internet Systems Consortium and monitored by the DNS Changer Working Group. The final shutdown of those servers was planned for March 8.

But unfortunately, the clean-up process of some 4 million infected computers took longer than expected, and by the end of February, 400,000 computers still remained infected.

Even the US government was worried that it wouldn't be able to clean all the infected computers in its agencies despite employing its own threat-monitoring system to find them.

So, the request to the court was made, and finally granted this week mere days before the shutdown deadline. As things stand, the deadline has been pushed to June 9, and ISC is required to report on the status of the cleaning process in May.

For users who want to make sure that their computer hasn't been compromised by the malware in question, the FBI has made public a step-by-step guide for discovering the infection.

Windows users can also take advantage of the Qualys BrowserCheck plug-in which is also equipped with DNSChanger detection capabilities.


Check out the Windows 10 security features

The release of Windows 10 brings a number of security upgrades that look good on paper, but as with all new products to market, it is advisable that organisations carefully plan any upgrades.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Jul 30th