Reminder: Double-Check For DNSChanger

On July 9 (US time — we’re already there in Australia), the FBI will be switching off the temporary solution it set up to help people work around the DNSChanger malware. Lifehacker readers are often the go-to tech support for their friends and family, so if you want to avoid a phone call tomorrow from someone whose internet access has suddenly stopped working, it could be worth reminding them to check.

Anyone who regularly patches their computer and who runs security software shouldn’t have been affected by DNSChanger (which changes domain name service settings, forcing infected users to different sites) in the first place. However, millions of people either don’t patch or have out-of-date security software. And while DNSChanger itself isn’t an issue in security terms (it was shut down by the FBI last November), there’s still a potential problem.

After shutting down the operators of the DNSChanger malware, the FBI temporarily set up redirects using those DNS servers so that infected users wouldn’t be impacted. However, that temporary service is being switched off on July 9.

Checking if a machine has the problem is fairly straightforward; just hit the DNS-OK site run by the Australian Communications and media Authority and CERT, and you’ll see a message confirming if there’s an issue. If there is an infection, you’ll may need to change the DNS settings to the appropriate options for your internet service provider — a much easier task while the machine is still connected.

You should also install security software on the affected machine, since clearly it has been vulnerable to malware in the past. Check out our guide to securing someone else’s computer for more information.



3 responses to “Reminder: Double-Check For DNSChanger”

Leave a Reply