Computers infected by DNSChanger get 4-month reprieve

Computers infected with the DNSChanger malware will get a four-month reprieve from being disconnected from the Internet, thanks to a court ruling.

 

The United States government secured an extension that would keep infected computers online until July 9, tech site The Verge reported.

 

"While the instances of DNSChanger appear to have dropped significantly, the original 120 days to clean out the malware apparently wasn't enough," The Verge said.

 

DNSChanger redirects an infected computer to visit an alternate - and likely malicious - websites.

 

Systems that are infected presently access the Internet through temporary DNS servers that replaced the rogue servers seized by the Federal Bureau of Investigation.

 

An estimated four million computer systems, many of which belong to Fortune 500 companies, are infected with the malware, The Verge said.

 

A New York court initially set March 8 as the date when infected systems would be cut off from the Internet.

 

Still infected

 

The Verge said that over the last month, the temporary servers routed an average of 430,000 infected IP addresses according to the government request for extension.

 

It cited security firm Internet Identity as saying at least 94 Fortune 500s and three major government agencies are still infected with DNSChanger.

 

"It's estimated that DNSChanger generated close to $14 million in illicit advertising money via click hi-jacking and replacing online ads. The six individuals who were allegedly responsible for releasing the malware have been cleared for extradition by an Estonian court to face trial in the US," it said.

 

Hijacking

 

A separate report on The Hacker News said the malware works by modifying their computers' domain name system (DNS) settings and redirecting them to the criminals' servers. — TJD, GMA News