DNS Changer is a Trojan trying to alter the DNS settings on the compromised machine in order to serve malicious purposes. Personal information theft and browser hijacks are often part of the DNS Changer attacks. Experts report that banker Trojans, TDSS rootkits and other malicious software has been used in several DNS Changer attacks in order to improve their spyware capabilities and lower the security of the targeted system.
DNS Changer Aliases: Windows DNS Changer, Trojan:W32/DNSChanger, FBI DNS Changer, DNS Changer Trojan, Doomsday Virus, DNSChanger, Ghost Click Malware, Win32.DNSChanger, DNS Changer Malware, DNS Changer Virus, Ghost Click Virus.
DNS Changer Distribution and Infection
Mostly, DNS Changer is distributed via links spread through the social networks. Recently, many DNS Changer attacks have been using TDSS rootkits to gain access to the targeted machine. Computers running Windows are the target of the DNS Changer attacks. By abusing the DNS settings, the attackers can transmit online traffic, which lets the DNS Changer a perfect tool in many different hijack-based attacks. For example, to cause redirects to phishing websites, disguised as legitimate ones. This way the DNS Changer can steal personal information and login credentials by requesting the user to log-in to his supposedly real account. The DNS Changer can also redirect the user’s browser to fraudulent web pages created to generate pay-per-click revenue for the authors of the attack.
DNS Changer can be installed by rootkits like TDL4 rootkit that may trigger other types of attacks on your computer. The security of your system should be considered majorly reduced until you remove the threat with a reputable AV product.
Experts have discovered examples of DNS Changer attacks where the settings of a communal modem or router have been changed, and the ones on a private computer. Users are advised to strong passwords and login names in order to avoid device hijacks and other, similar computer threats. Even if a machine itself is not infected by DNS Changer, it may experience the infection’s consequences if it uses infected routers.
DNS Changer – How to Protect Your System?
Since DNS Changer alters the DNS settings on the compromised machine, users may have to set them back to normal after the infection has been deleted. The different versions of DNS Changer use various methods to hide their presence on the affected computer. Some variants can harm certain drivers and if the user tries to restore them from backup copies the infection itself may get restored.
Here are a few suggestions on how to prevent DNS Changer infections:
- Make sure to use unique and long usernames and password when you create online accounts
- Pay attention to the activity of the other PCs in your network
- Be careful with PC threats that are disguised as legit programs and program updates
- Always use trustworthy AV products and keep them up-to-date
Spy Hunter FREE scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the malware tool. Find Out More About SpyHunter Anti-Malware Tool