DHS Appeals to Users Still Infected with DNSChanger

The Department of Homeland Security is the latest agency to appeal to U.S. consumers to check their computers for signs of DNSChanger malware before they are knocked offline in a couple of months.

The Department of Homeland Security is the latest agency to appeal to U.S. consumers to check their computers for signs of DNSChanger malware before they are knocked offline in a couple of months.

Rand Beers, undersecretary for the National Protection and Programs Directorate, implored users to test their home and office computers for the trojan, which infected more than 4 million machines in 100 countries before law enforcement officals took down the sophisticated fraud ring. As part of “Operation Ghost Click,” authorities took command of implicated DNS servers and redirected compromised computers to surrogate servers. Those servers now must be taken down July 9 by court order. At that time, any machine still tethered to the temporary servers will be forced offline.

“I encourage everyone to keep your operating system, browser, and other critical software optimized by installing updates,” Beers wrote in a blog post on the DHS Web site. “And, you can assess your own computer’s susceptibility for the DNSChanger malware at the industry-wide DNSChanger Working Group website.  In fact, I just tested my computer at home – the process was simple, straight-forward, and only took a few minutes.”

As of last month, 84,000 U.S. computers were still  tied to the “clean” servers put up for the FBI by the Internet Systems Consortium. The number worldwide is around 350,000. A Kindsight Security Lab malware report released today for Q1 ranked DNSChanger as the most prevalent high-level infection with 1 in 400 households still infected.

Federal officials this spring began recommending people scan their machines with a number of free tools, including one widely publicized scanner on the Working Group’s web site. But a security expert cautioned it can create confusion from inconsistent findings.  One suggested solution is to download AV software that scans for DNSChanger, rather than rely solely on one of sites on the FBI’s Check-up List.

Some also say more education (and help) is needed to help consumers remove the malware and reconfigure their machines to use their ISP’s DNS servers.

In the meantime, DHS’s Beers is asking everyone to help spread the word to reduce the number of machines still carrying the troublesome trojan. “DHS is committed to ensuring cyberspace supports a secure and resilient infrastructure, enables innovation and prosperity, and protects privacy and other civil liberties by design, but we need everyone, including our industry partners and the general public to do their part.”

Suggested articles

Discussion

  • Barb on

     How long before you have a way to detect and a fix for WINDOWS VISTA ???? Is there a way to do it now ? How???

  • Anonymous on

    best fix for Windows Vista is not using Windows Vista.  :)

    i know its not the answer you're looking for.. sorry

     

     

     

     

     

     

  • Anonymous on

    I think the real people here is the same story i hear all the time. "apple does not have viruis". people belive the mac means no more problems. so the ignore the fact that they are infected.  this of course lead to the mac os being the worst os as it lead people to have a warm a fuzy felling as they are having people rip all the money out of their back (what is left after buying all apple brand)

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.