DNSChanger Trojan Still Prevalent In 350K Computers – FBI, Usenetreviewz, and VPNReviewz Warn

Share Article

The FBI ended a major online DNS threat last year, but the arrest of the criminals, and killing the servers would have left millions without internet service, so the servers were replaced. Here’s how to find out if you could lose your internet connection July 9th.

best paid and free vpn services

VPNReviewz Reviews the Best VPN Services

When a computer connects to the internet, the first thing it will look for is the DNS nameserver in the internet settings, and if those servers were suddenly “Turned off” millions would have lost their internet connections.

Last year the FBI and international police participated in an operation called “Operation Ghost Click” in which a group of Estonian hackers had distributed various DNS changing programs around the internet. According to VPNReviewz CEO Michael Maxstead, the bots distributed would change the users computers DNS settings, and all the users DNS solutions would be served by the hackers nameservers. DNS servers that, “would send the user to websites that would then install scripts to essentially strip the computer of all personal data.”

After The Bust

According to Tweets from UsenetReviewz to their users, “Time is running out.” The time referred to is the July 9th deadline for the servers that the FBI and the Internet Systems Consortium are running. The bogus nameservers were replaced with legitimate ones to avoid the sudden shutting down of the internet for the millions of people that were affected. When a computer connects to the internet, the first thing it will look for is the DNS nameserver in the internet settings, and if those servers were suddenly “Turned off” millions would have lost their internet connections.

350,000 Still Using The Replacement DNS Servers

The FBI is reporting that there are still at least 350,00 computers still infected with the DNSChanger Trojan. VPNReviewz CEO reminds their readers that even though they use a VPN, there is still the “possibility of being infected with the DNSChanger.” The also warn that in spite of their VPN’s controlling the DNS nameserver, there are times that the user may not need, or desire, to use the VPN service, and this is where their problems will begin. Usenetreviewz is warning their readers as a public service reminder for all their Usenet community readers. UsenetReviewz.com also says that, “Getting rid of the virus is usually fairly easy…now”

Detection And Elimination

VPNReviewz.com sends their readers to one of the rough-looking checker websites, but Maxstead warns that, “The checker isn’t 100%, there are flaws in the system, but fortunately, we already know about them.” He explains that in cases where the router is infected, but the computer isn’t, it will show red. As if the computer is infected. Also if your ISP engages in redirecting your DNS requests, you could show up a okay, when in fact you have the virus. The more tech-savvy Usenet community readers get the advice of “Do the manual check, it’s easy and the only real way to know for sure.” But the list the checker website: http://www.dns-ok.us/

Manual Check – It Isn’t All That Hard

If a manual check of the DNS nameserver system is desired, then here are the steps for Windows XP and newer:

  •     Click on: Start-->run-->then type “cmd” in the box, no quotes.
  •     Type in the command window, “ipconfig/all” again no quotes.
  •     Scroll down through all the other data and find “DNS servers.” This will either look like this:, if it looks like this: fec0:0:0:ffff::1%1, then your router uses IPv6 and you can’t manually check the connection. Write the addresses of the nameservers you are using down.
  •     Go to: https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS, and enter your DNS server addresses into the checker box and hit the “Check Your DNS” button. Your results will only take a few seconds.

If You Have DNSChanger In Your System

In the beginning days the FBI was advising people to completely wipe their HDD and reinstall the Operating System. But for most people this just isn’t a practical option. VPNReviewz.com offers up several anti-virus options that can be tried before such extreme measures are taken. They suggest Kapersky’s TDSSKiller, McAfee Stinger, and Hitman Pro, in their list of antivirus software to try first. The virus has been known to install itself as deep as the Master Boot Record, and so, “Several methods needs to be tried before complete reinstallation,” Maxstead said.

If you would like to learn more about the DNSChanger Trojan, or Virtual Private Networking, then just visit VPNReviewz.com.

Michael Maxstead analyzes and tests VPN providers and services and publishes the results on the VPNReviewz. The UsenetReviewz.com team examines and tests many different Usenet community providers, publishing their impressions of each.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Michael Maxstead
Follow us on
Visit website