Dealing with the DNSChanger Worm
You’re here because your computer is infected with the DNSChanger worm. Back in late 2011, the FBI took over operation of malicious servers used by DNSChanger that are providing you with a critical Internet service called DNS. The FBI will be shutting down these servers on July 9, 2012, at which point your Internet will no longer work. To ensure uninterrupted Internet access, simply follow these three steps:
1. Clean and repair your machine
First you need to remove the DNSChanger infection from your computer. The DNS Changer Working Group has some recommendations on how to fix your computer if you are infected. Do this before you take step 2 and switch to OpenDNS.
2. Update your DNS settings
Now that you’ve removed the DNSChanger malware, it’s time to set your DNS properly. Generally, you have two choices — you can use the DNS servers provided by your ISP (usually these DNS servers are assigned automatically) or use a third-party DNS service.
We are one such provider of DNS services, focused on security and speed, but there are others such as Google DNS and DNS Advantage.
If you want to use the DNS servers provided by your ISP you will have to contact them for the specific instructions on how to configure them.
3. Arm yourself with knowledge
For more information about DNSChanger, please visit the following resources:
- The DNSChanger Working Group
- Information about DNSChanger from the Federal Bureau of Investigation (FBI)
- Background on DNSChanger from CNET
DNSChanger’s malicious DNS servers were being used to automatically and involuntarily convert the DNS settings of millions of people around the world, then using that control to redirect valid URLs to malicious sites. Some reports even claim that more than half of the Fortune 500 companies showed signs of infection and it’s said that the crime ring operating DNSChanger profited $14 million in stolen funds.
The FBI took over the servers, but realized fast they couldn’t simply shut them down. To do that would immediately take all infected Internet users offline, as without DNS it’s as though the Internet doesn’t work.
Instead the FBI and other invested groups have campaigned for infected people to switch their DNS proactively to a secure service like OpenDNS before they finally discontinue operation of the servers. The final date for you to do this is July 9, 2012, but today is even better.
Who is OpenDNS?
OpenDNS is the world’s largest and most trusted provider of secure DNS. Tens of millions of people around the world — in homes, 1 in 3 U.S. public schools and Fortune 10 enterprises, alike — rely on OpenDNS every day for safe, fast and reliable DNS. When the Conficker virus infected millions, OpenDNS was there to save the day. When the famed Kaminsky DNS vulnerability was revealed to the world, OpenDNS was the only DNS service unaffected. When ISP’s Internet goes down, people flock to OpenDNS. And now that DNSChanger malware is threatening your Internet security, it’s a better time than ever to make the switch. You’ll be glad you did.