DNSChanger is a DNS hijacking Trojan.[1][2] The work of an Estonian company known as Rove Digital, the malware infected computers by modifying a computer's DNS entries to point toward its own rogue name servers, which then injected its own advertising into Web pages. At its peak, DNSChanger was estimated to have infected over four million computers, bringing in at least US$14 million in profits to its operator from fraudulent advertising revenue.[3]
Both Windows and Mac OS X variants of DNSChanger were circulated, the latter taking the form of a related Trojan known as RSPlug. The FBI raided the malicious servers on November 8, 2011,[4] but they kept the servers up after they capturing it to avoid affected users from losing Internet access until July 9, 2012.
^Trojan:Win32/Dnschanger.O – Microsoft
^"Antivirus scan for fdde13872caa1a0e1b9331188ca93b8fc424fed43d86d5cf53f6965f6a77184e] at 2017-01-30 04:47:37 UTC – VirusTotal". www.virustotal.com.
^Cite error: The named reference ars-massive was invoked but never defined (see the help page).
^"Esthost Taken Down – Biggest Cybercriminal Takedown in History – TrendLabs Security Intelligence Blog". 9 November 2011.
DNSChanger is a DNS hijacking Trojan. The work of an Estonian company known as Rove Digital, the malware infected computers by modifying a computer's DNS...
(named RSPlug). Some variants of the Zlob family, like the so-called "DNSChanger", add rogue DNS name servers to the registry of Windows-based computers...
Domain Name System (DNS) traffic. For example, it protects from a trojan DNSChanger, a tracking Internet provider, or hackers. This option must be enabled...
The RSPlug Trojan horse, a form of DNSChanger, is malware targeting the Mac OS X operating system. The first incarnation of the trojan, OSX.RSPlug.A, was...
caching daemon". BIND Comparison of DNS server software Trojan.Win32.DNSChanger Domain Name System Security Extensions Lightweight Directory Access Protocol...
Operation ShadowNet Operation Payback 2011 Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID...
sentenced to jail for 40 and 44 months by US court EstDomains Trojan.Win32.DNSChanger "Investigations on a Cybercrime Hub in Estonia". Blog.trendmicro.com....
Operation ShadowNet Operation Payback 2011 Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID...
"Marcus Colon, Estonian court acquits four men of charges linked to DNSChanger". SC Magazine. December 23, 2013. Retrieved 15 November 2014. "Manhattan...
Companies portal Internet portal Law portal Rove Digital Trojan.Win32.DNSChanger Krebs, Brian. "Security Fix - EstDomains: A Sordid History and a Storied...