The DNSChanger malware is a nasty piece of software, which, at its core, is about tricking the infected user into giving up personal information that can be harvested by the deviant programmers, normally for their own personal gain. The malware in question, which is the current top trend in the computer security industry, is so widespread that the FBI has its own PDF instructing those who are infected about the options they can take to remove this particular strain of malicious computer software.
So much so, in fact, that Google has gotten involved in the prevention movement, going as far as to inform infected parties of their condition when a Google search is conducted. Google does so with the following message:
Your computer appears to be infected
We believe that your computer is infected with malicious software. If you don’t take action, you might not be able to connect to the internet in future.
Learn how to remove this software.
As you may or may not know, the criminal ring responsible for the DNSChanger malware was broken up by an international sting that included the FBI. The problem is, even though the criminals responsible for the infection have been neutralized, the infected systems remained. To provide time for users to correct the situation, the enforcement agencies allowed the servers that powered the DNSChanger to remain active, but only until July 9.
After that, any infected computer would, theoretically, not be able to connect to the Internet because the servers the malware redirects infected users to will no longer be online. With that in mind, this is where Google’s efforts kick in. While Google’s helping hand seems praiseworthy, some also see it as something else that can be mimicked by other malicious developers in order to trick unsuspecting users–of which there appear to be a lot–into further malware infection.
Ah, the joys of dealing with phishing attempts.
If you’re worried about getting caught on a phishing hook, other potential solutions include a lookup service provided by the FBI, which checks to see if a machine is infected. If you’d like to be a little more thorough, the DNS Changer Working Group (DCWG) has an in-depth detection page, featuring a step-by-step guide for those of you who may be overwhelmed by the idea of working with your computer without outside intervention.
The group also has a number of suggestions with regard to cleaning an infected system, all of which involve installing cleaning/removal software from companies like Microsoft, Kaspersky, and McAfee. This is similar to Google’s malware information page, which hammers home the idea that this is not about which detection system you choose. It’s about getting infected machines cleaned, preferably before the DNSChanger servers are shut down, something that’s still scheduled for July 9 of this year.