DNSChanger is Trojan horse malware which effectively modifies DNS settings to those of rogue servers which then redirect legitimate searches and URLs to malicious sites in order to steal personal information and generate illicit ad revenue.
The DNSChanger malware was first discovered around 2007, it has since been widely distributed in a variety of forms and infected millions of computers worldwide, including around 500,000 in the U.S. alone. Mac OS machines are equally susceptible.
Specialist malware detection and removal tools have since been developed to help combat the threat, and most brand name anti-virus products now also include specific definitions for detection and removal.
Simply shutting down the rogue DNS servers immediately would have left people using infected PCs without any Internet connection, so the FBI opted to temporarily legitimize the bad servers thereby allowing affected users time to disinfect. The servers were initially set to go offline on March 6, but many systems haven’t yet been disinfected so, earlier this month, the deadline for pulling the plug on the servers was extended to July 9.
Apart from running anti-malware utilities to detect and [possibly] remove the DNSChanger trojan, Windows users can now go to a special page where they can check to see if their machine is infected.
Simply click on a link appropriate to your language. The test is very quick, and if the results do indicate your machine is infected, just follow one of the links below the table to download a free program which is known to successfully remove the the bug.
Check for DNSChanger infection HERE
A free removal tool for Mac OS X users is available HERE.
More information regarding DNSChanger and steps taken by the FBI HERE