Best Reviews logo
Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.
What Are DNSChanger Attacks and How to Prevent Them

What Are DNSChanger Attacks and How to Prevent Them

By Leo S.Leo S. — Verified by Sander D.Sander D. — Last updated: July 18, 2024 — (0)

There are two things in life we can take for granted: death and internet attacks. In fact, while there’s nothing we can do about the first one, the second one is fortunately much more avoidable, if we choose to protect ourselves in an efficient manner. With this being said, protection is now more important than ever, because lately a nasty form of internet attack has returned from its grave. DNSChanger Trojans are indeed coming back and can once again become a problem for any network in the world.

However, as we mentioned before, there’s something you can do about these malicious attacks so you don’t have to fall prey for them.

A brief return to the past

DNSChanger was a Trojan that infected over 4 million computers worldwide for about five years (2007-2012) and earned at least $14 million in profits to its operators, an Estonian company called Rove Digital. Unlike DDoS attacks, which prevent access to certain online services, DNSChanger was distributed as a so-called drive-by download that claimed to be a video codec required to play content of determined websites, mainly adult ones. If the victim fell for the trap, the malware would modify the system’s DNS (Domain Name System) configuration, hijacking (rerouting) users to rogue DNS servers operated through affiliates of Rove Digital. The malware would not only replace all the website’s ads with those by the Estonian company, but also redirect a perfectly normal link to the websites of those same advertisers. To make things worse, the effects of this kind of attack could also easily spread to other computers within a LAN by simply copying a DHCP server, directing all other computers towards the same rogue DNS servers.

This malicious operation was so serious that in November 2011 it resulted in a raid organized by the FBI to locate rogue servers. However, to avoid the affected users from losing their internet access, the agency chose to keep the servers up and running until July 2012, when they finally captured the people behind Rove Digital.

A few years later, however, DNSChanger attacks are, sadly, back in a new and advanced form, infecting several Netgear and D-Link type routers. This time it targets small businesses and home users via hidden JavaScript code, which is launched if the victim clicks on web ads, and scans the IP address of the browser. Should the IP address of the victim be within the range of the attacker, the browser redirects the user to a page carrying the DNSChanger Exploit Kit. This kit then looks up domain-names via DNS servers controlled by hackers and, ultimately, all downloads on the infected computer are redirected to the rogue servers. Aside from that, the usual ads are replaced by fake ones carrying all sorts of spyware and malware.

How to avoid being affected

Unfortunately a simple antivirus won’t be enoughto avoid this mess in fact, your best chance against this Trojan will be investing in a DD-WRT VPN router. Such a router runs open-source firmware, thus preventing default firmware bugs. Furthermore, it shuts factory installed backdoors so they cannot be exploited by attackers. DD-WRT VPN routers also contain strong firewalls and ad-blockers, therefore clicking on an advertisement that might contain the malware is impossible to begin with. And last but not least, VPNs encrypt all your data, including your real IP address, so DNSChanger and other similar exploit kits have no chance to attack and control your network.

User Feedback

 Leave a reply

Your email address will not be published. Required fields are marked *


Latest Articles

How To Master English Fluency: 10 Effective Tips and Tricks
When it comes to language learning, we often come across the word ‘fluency’. But what does it mean exactly? Simply put, fluency is the ability to articulate a message ...
Read article
4 Reasons To Choose CRM Software With AI
With the competition increasing, maintaining lasting customer relationships is more crucial than ever. Customer relationship management (CRM) systems have long been the backbone of most businesses’ effective interaction management, helping them streamline processes, improve satisfaction, and boost sales
Read article
Empower Your Wedding With The Perfect Hashtag
Do you remember the time when # was a simple sign used only in phone menus? The mundane past of the hashtag is now gone, because Twitter came, saw, and turned this barely known sign into a global Internet craze. 
Read article

Best Reviews

Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.

©2012-2024 Best Reviews, a clovio brand – All rights reserved
Privacy policy · Cookie policy · Terms of use · Partnerships · Contact us