Home » Malware » DNSChanger Malware – Is Your Computer One Of Over 10,000 Affected?

DNSChanger Malware – Is Your Computer One Of Over 10,000 Affected?

  • Pin It
  • Pin It

DNSChanger MalwareCould your computer or networking equipment be one of more than 10,000 that are still affected by the “DNSChanger” malware from last year?

Let me first explain what DNS is, and then explain this amazing situation – which has left the FBI holding the bag, and over 10,000 users in Australia and New Zealand potentially in the lurch, with no access to the Internet after July 9 2012.


What is DNS? A crash course!

DNS is the technology that allows you to type “www.avg.com.au” into your web browser instead of “” – which is an IP address (the computer networking equivalent of a telephone number).

Think of DNS like a big telephone directory service! It does all the hard work, so as humans, we only need to remember words (domain names) instead of numbers (IP addresses).

Furthermore, in order for your computer to use DNS to help you find the website you want, it needs to be configured to connect with trusted DNS servers – and these are usually configured automatically by your Internet provider or company network.


So what happens when your computer is configured to use a malicious or untrusted DNS server?

In this scenario, for example, you might type “www.google.com” into your web browser and instead of connecting to Google, your computer could connect to somewhere completely different – to a computer pretending to be Google!

As you now may appreciate, the effectiveness and ramifications of this type of attack can be astounding; Internet banking sites and other previously trusted websites could be faked, right down to the address in the browser bar (which we have been previously telling you to always check!)


DNSChanger & the FBI

And so in 2011, a nasty thing called “DNSChanger” entered the malware history books forever; masterminded by some sneaky cyber crooks that set about infecting thousands of machines worldwide, with a malware that specifically changed the DNS settings on computers. Both PC and Mac were affected, as well as some home routers and firewalls as well.

In November 2011, the FBI announced they had seized control of a vast network of dodgy DNS servers in the US and abroad – and these were connected to a well-known Trojan malware circulating at the time, that was changing DNS settings.

Shortly after this, the cybercriminals, much like cockroaches, scattered themselves into dark places nowhere to be seen, leaving the poor FBI in control of these dodgy DNS servers (that were now relied upon by all the infected computers around the world to go about their daily web surfing!)

So how many computers are we talking about? Well, in February 2012, there were reportedly over 430,000 computers affected worldwide – and in Australia, there are known to be over 10,000. In New Zealand, we expect it is in the thousands.

In an ironic twist of fate, the FBI have, by default, become one of the biggest DNS hosting providers in the world – but it isn’t a title they want, and the issue is, how do they undo this situation?

Well, initially these dodgy DNS servers were going to be shut-off on March 8, but that deadline has since been extended to July 9 2012. After this date, if your computer or network equipment is infected you may not be able to access the Internet.


How to check if your computer is affected by DNSChanger malware

Here’s the good news: The Australian Communications and Media Authority (ACMA) recently launched a very simple website that enables you to check if the computer you’re using is relying on the DNSChanger DNS servers.

You can visit the site at: http://dns-ok.gov.au

If the site warns that you are affected by this issue, follow the instructions provided on-screen – or if you are an existing commercial AVG user, get in contact with us for support and we will gladly assist.


Until next time, stay safe out there!


  • Brianbrain

    I would not trust this government as far as I can spit …..they are run by the septics who are just as corrupt or more corrupt than any other nation on this earth …..

    • Anonymous

      yeah right … and they are running the dns changer scam …. it’s idiots like you who deserve to have their computer compromised

      • tony budimir

        sounds like HIS computer IS compromised, his BRAIN, if you could call it a computer.

  • Hoggy

    Thank you, It’s good to know I’m not infected and it only took one click to find an instant result.

    • http://www.avg.com.au avgaunz

      Glad we could help Hoggy! 

  • Viv

    Thank you so much for the info…it is great to know that we haven’t been affected at all..keep up the great work guys.

    • http://www.avg.com.au avgaunz

      Thanks Viv!

  • BillTh

     Thanks AGV not affected, great work

  • ron

    Thanks for the information,thank goodness I don’t have this infection.so thank you again.

  • John

    Thankyou for pointing out this to me.  Thank goodness, I haven’t been affected. Keep up the good work!!

  • Lambertodgr8

    Thanks Guys I’ve been using AVG for around 10 years and haven’t had any virus problems since I had previously used both Norton and McAfee anti virus programs that were next to useless I still had virus and firewall problems . A technician cleaning a virus from my computer recommended AVG  which I installed and have found it stops viruses before they can infect my system .so I have recommended it to all my friends and Colleges .

    • http://www.avg.com.au avgaunz

      Thanks so much for your continued support Lambertodgr8 – it is greatly appreciated! It makes us so proud to hear you haven’t had any issues in 10 years :)

  • Barbara Lacy

    Advised my computer does not appear to be infected.  Many thanks for the info, really appreciate your assistance

  • Psyche

     Thanks for the info guys. Much appreciated.

  • Josephleckey

    thank you for the information, stay on top.

  • Rosanna6

    thank you for the information . Much appreciated

  • Mmdcarroll

    Thankyou so much, I really appreciate this.


  • AngeloGarreffa

    Thanks AVG for your help and support regards A Garreffa

    • http://www.avg.com.au avgaunz

      Pleasure Angelo – thanks for checking out the post! :)

  • OMTU

    I would have thought that I was paying AVG for protection from this known infection, not just emails about it.

    • http://www.avg.com.au avgaunz

      Precisely OMTU – you are! You can be assured that your software is protecting you from this threat. We simply like to keep the community informed, and ensure those who may not be up-to-date can protect themselves.

    • http://www.avg.com.au avgaunz

      Hi OMTU, AVG users are successfully protected against this threat which is great news! :) We simply wanted to advise everyone about this, as it is quite a complex situation and we’d hate for anyone (whether they be an AVG user or not) to lose access to the Internet when it can be avoided. 

  • Lloydfee

    thanks avg

  • Mpmelrose

    Thank you AVG this is why i stay with you guys with both my mobile and PC great support and service cheers
    M Melrose

    • http://www.avg.com.au avgaunz

      Thanks for your kind words Mpmelrose – they are greatly appreciated! 

  • Terry Rist

    Many thanks for a very helpfull explanation , simple and easy to understand , well done AVG .

    • http://www.avg.com.au avgaunz

      No worries Terry – glad you found the information useful :)

  • Joeblando

    AVG thank you my laptop was not infected and will check my other computers .

  • Barrymt

    Thank you for your support-Much appreciated-Pensioner Taupo-NZ

  • George Nix


    Thanks.  Contacted the site and it advised that my computer did not appear to be affected.

  • M R

    G’day Guys and Gals at AVG, thanks for the heads up and that’s why I happily continue to renew my sub every two years. Had another “big name” internet security company before you guys and it let EVERYTHING through, never ending problems with security. My fix it guy put AVG free into my computer and I liked it, plus it never failed me. So now I’ve been signed up to AVG for 6 years I think and NEVER had an issue, AVG catches everything as it should. AVG is simply excellent, thanks so much for sharing your know how, Cheers Mark in Adelaide

    • http://www.avg.com.au avgaunz

      Hi Mark, thanks for your kind words and continued support! 6 years is a long time and we’re truly proud to hear that the product hasn’t once let you down. It’s always lovely to hear from our loyal customers – thanks again :)

  • Theo

    i’ve used AVG for a while but since Google tells me i have that DNS charger AVG hasn’t found anything and the little thing ontop  of google search bar is annoying me

    • http://www.avg.com.au avgaunz

      Hi Theo, should you have a commercial AVG licence, we suggest contacting our friendly Technical Support Team straight away on 1300 284 000 (AU) or 0800 284 000 (NZ) or via the contact form at http://www.avg.com.au/contact/technical-support/. They will be able to assist regarding the DNSChanger malware.

      Additionally, it sounds like you may be referring to the AVG Security Toolbar. You can disable this by following the steps highlighted at http://www.avg.com.au/news/tech/disable_avg_toolbar/.

      Hope this helps!

  • Warrawillah

    when I click on the site http://dns-ok.gov.au I get a click sound, a little bomb blast icon and nothing happens. Does this mean I have a DNS problem?

    • http://www.avg.com.au avgaunz

      Does sound like something strange is happening there Warrawillah. If you have a commercial licence of AVG, we’d encourage you to get in contact with our Technical Support Team straight away, via email support@avg.com.au (be sure to include your licence number in the body of the email). Thanks – we look forward to hearing from you!     

  • http://www.avg.com.au avgaunz

    Our pleasure, Eric – glad to hear you were in the clear!

Is this worth sharing?
If you think this information would help keep others safe online, please share: