Over 20,000 DNSChanger virus hit PCs in India, warns McAfee

McAfee warns that nearly 3 lakh DNSChanger virus-hit computers across the globe and over 20,000 in India may lose Internet access from July 9. DNSChanger is a malware computer programme that redirects the Internet traffic to fake websites and a McAfee spokesperson revealed that according to the data provided by DNSChanger Working Group, India has the third-highest number of DNS infections after the United States and Italy.

Hack to protest (Image Credit: Getty Images)


Infected... (Image Credit: Getty Images)




The data by DNSChanger Working Group (DCWG) also reveals that there are a maximum of over 69,500 infected PCs in the U.S. In Italy, there are about 26,500 infected systems, which take the second place, followed by India and the UK.  The UK is estimated with about 19,589 infected PCs. The Federal Bureau of Investigation will be shutting down servers that are associated with the DNSChanger malware on July 9 and eventually all computers that are infected with this threat may no longer able to access the Internet, as per the spokesperson. 


As a part of ‘Operation Ghost Click’, FBI took control of the servers used by cybercriminals last year. Then, the FBI replaced the rogue servers with temporary legitimate servers so that it will not disrupt the web activities of those with the infected PCs. Reportedly, these servers were allowed only till July 9, 2012. McAfee has also released a free tool to assist consumers whose machines have been infected by the DNSChanger trojan. “By providing a free tool that walks them through the process, we are making it easy for consumers to fix their settings and stay connected,” Vincent Weafer, senior vice-president, McAfee Labs, said in a statement.


recent report also revealed the potential ‘Internet Doomsday’ to be approaching soon. Some blogs and news had hyped the risk of an outage, warning of a potential "blackout" and describing the Alureon malware as the "Internet Doomsday" virus. However, experts had said only a tiny fraction of computer users were at risk, and Internet providers would be on call to quickly restore service. They said they considered the threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud. About 245,000 computers worldwide are believed to be still infected by Alureon and its brethren, according to security firm Deteque. That included 45,355 computers in the United States. The viruses were designed to redirect Internet traffic through rogue DNS servers controlled by criminals, according to the FBI. DNS servers are computer switchboards that direct Web traffic.


When authorities took down the rogue servers, a federal judge in New York ordered that temporary servers be kept in place while the victims' machines were repaired. The temporary servers will shut down at 12:01 a.m. EDT on Monday, which means the infected PCs that have not been fixed will no longer be able to connect to the Internet.



Published Date: Jul 07, 2012 10:09 am | Updated Date: Jul 07, 2012 10:09 am