U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

DNSChanger Malware

Original release date: April 24, 2012 | Last revised: October 23, 2012

US-CERT encourages users and administrators to ensure their systems are not infected with the DNSChanger malware by utilizing tools and resources available at the DNS Changer Working Group (DCWG) website. Computers testing positive for infection of DNSChanger malware will need to be cleaned of the malware in order to maintain continued internet connectivity beyond July 9, 2012.

On November 8, 2011, the FBI, NASA-OIG, and Estonian police arrested several cyber criminals in "Operation Ghost Click." The criminals operated under the company name "Rove Digital," and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ, and TDL4 viruses.

Additional information about Operation Ghost Click and the DNSChanger malware is available at the FBI website.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top