McAfee Offers DNSChanger Lifeline As Doomsday Approaches

DNSChanger servers are set to be cut off next Monday, as McAfee releases a tool to help those infected stay connected

Intel-owned McAfee is hoping to save those infected by the DNSChanger Trojan from being cut off from the Web.

On 9 July, the FBI is set to pull the plug on servers used to run the DNSChanger botnet, meaning approximately 300,000 machines still connected to the malicious network won’t be able to access the internet, unless they change their DNS settings. Nearly 20,000 users in the UK are thought to be affected.

The Trojan changed victims’ DNS settings to take them through to websites of their choosing via command and control servers, making millions of dollars for the criminals through a click-fraud scheme. After a successful investigation last year, the fraud scheme was closed down, but the control servers were left running as they are the only way infected machines can connect to the Internet.

The FBI was compelled to delay the cut-off date from March to July over fears that thousands of businesses would be left without normal Internet access.

McAfee makes DNSChanger exit route

A new McAfee tool looks to make it simple for users to check whether they have been affected by the malware, whilst providing a free solution to change DNS settings.

“Identifying and changing these settings manually can be difficult,” said Vincent Weafer, senior vice president, McAfee Labs.  “By providing a free tool that walks them through the process, we’re making it easy for consumers to fix their settings and stay connected.  For us, this is part of our relentless focus on protecting and liberating consumers so that they may safely experience everything the Internet has to offer.”

ISPs, Google and Facebook have been warning infected users, but McAfee is claiming to be the first to offer a tool to lead them through the process of changing DNS settings.

Those carrying DNSChanger who don’t change their settings by Monday will only be able to visit websites if they type in the IP address of the site they want to go to in their browser.

If you think you know IT security inside out, try our quiz!