FBI Crack down on DNSChanger Malware, Six arrested in Estonia
The DNSChanger Trojan quietly alters DNS settings on affected machines allowing the hijackers to redirect web traffic on affected hosts. It is said to still be present on an estimated 500,000 machines in the United States.
The FBI recently, in co-operation with Estonian authorities, arrested six men suspected of developing and managing the Trojan software. The arrests took place in co-ordination with seizure of the DNSChanger infrastructure.
The DNSChanger servers are being used as regular DNS resolvers for the time being to ensure working services to those infected. Infected computers should be moved to regular DNS servers before the FBI scheduled the shutdown of the infrastructure on March 8th.
The FBI has produced a corresponding document explaining how to tell if you are infected and the actions you can take: https://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf.
Mitch Mahan, PEI