The warning is real but the
threat to block infected computers in March has been extended by four
months, according to a
2012 article in PC Mag.
In late June and early July several new agencies reported that the
deadline to check personal computers for this trojan is July 9, 2012.
The FBI believes that half a million computers have been infected after
a joint agency operation conducted in November 2011 apprehended 6
members of a computer hacking gang in Estonia.
The PC Mag article said "law enforcement authorities working with the
Federal Bureau of Investigation arrested six of the seven individuals in
Estonia responsible for infecting millions of Windows and Mac machines
worldwide with the DNSChanger Trojan. As part of the 'Operation Ghost
Click' raid, FBI agents also seized over 100 servers at data centers
throughout the United States masquerading as legitimate DNS servers."
The article also said that the Trojan switched the Domain Name System
settings on computers and routers it infected with different
addresses to rogue servers. When computer users accessed the Internet with their web browsing software, the DNS servers, under the
control of the criminals, would redirect their traffic to to other
sites. This resulted in the criminals bagging millions of dollars in
The FBI has posted a lookup form to
assist computer users to determine if their computers have been infected.
Some advance networking skills are required to be able to find the IP
Address of the computers to be tested.
Click for FBI page.
The PC Mag article also offered a link
to a more user friendly Trojan detecting utility:
Click for DNS Changer Eye at
If users have determined that their
computers have been infected they may go to this link for a free removal
tool provided by Avira:
Click for removal tool.
Computer users have until July to check their computers and make the
necessary repairs before infected computers get blocked off the World