On March 5th, a US District Court (New York) signed an order to extend the March 8th deadline to July 9th.This extension will allow for all affected entities to continue to track-down and remediate agains hosts which are still compromised. Current data indicates that there are still several million infected/affected hosts world-wide dealing with this issue.
Over the last month, the temporary servers routed an average of 430,000 infected IP addresses according to the government request for extension. Security firm Internet Identity also found that at least 94 Fortune 500s and three major government agencies are still infected with DNSChanger. The remaining infected systems will now have an additional four months to get rid of the malware before having their DNS pulled.
The malware hijacked users clicks by modifying their computers' domain name system (DNS) settings to send URL requests to the criminals' own servers, a tactic that shunted victims to hacker-created sites that resembled the real domains.
It's estimated that DNSChanger generated close to $14 million in illicit advertising money via click hi-jacking and replacing online ads. The six individuals who were allegedly responsible for releasing the malware have been cleared for extradition by an Estonian court to face trial in the US.
"There has been significant progress within the government and enterprise, where it's easier to clean things up, but ISPs have been slower, in part because some of them are still trying to figure out how best to handle the situation," said Rasmussen, president and CTO at IID.
To find out whether your computer or network router is infected with DNSChanger malware, click here. If you are infected, make sure you've got a serious anti-virus security suite, update it and run a full system scan. If that doesn't work, contact a computer professional.
Also Read : FAQ : DNSChanger Trojan, Impact and Solutions