There are two things in life we can take for granted: death and internet attacks. In fact, while there’s nothing we can do about the first one, the second one is fortunately much more avoidable, if we choose to protect ourselves in an efficient manner. With this being said, protection is now more important than ever, because lately a nasty form of internet attack has returned from its grave. DNSChanger Trojans are indeed coming back and can once again become a problem for any network in the world.
However, as we mentioned before, there’s something you can do about these malicious attacks so you don’t have to fall prey for them.
A Brief Return to the Past
DNSChanger was a Trojan that infected over 4 million computers worldwide for about five years (2007-2012) and earned at least $14 million in profits to its operators, an Estonian company called Rove Digital. Unlike DDoS attacks, which prevent access to certain online services, DNSChanger was distributed as a so-called drive-by download that claimed to be a video codec required to play content of determined websites, mainly adult ones. If the victim fell for the trap, the malware would modify the system’s DNS (Domain Name System) configuration, hijacking (rerouting) users to rogue DNS servers operated through affiliates of Rove Digital. The malware would not only replace all the website’s ads with those by the Estonian company, but also redirect a perfectly normal link to the websites of those same advertisers. To make things worse, the effects of this kind of attack could also easily spread to other computers within a LAN by simply copying a DHCP server, directing all other computers towards the same rogue DNS servers.
This malicious operation was so serious that in November 2011 it resulted in a raid organized by the FBI to locate rogue servers. However, to avoid the affected users from losing their internet access, the agency chose to keep the servers up and running until July 2012, when they finally captured the people behind Rove Digital.
How to Avoid Being Affected
Unfortunately a simple antivirus won’t be enough to avoid this mess in fact, your best chance against this Trojan will be investing in a DD-WRT VPN router. Such a router runs open-source firmware, thus preventing default firmware bugs. Furthermore, it shuts factory installed backdoors so they cannot be exploited by attackers. DD-WRT VPN routers also contain strong firewalls and ad-blockers, therefore clicking on an advertisement that might contain the malware is impossible to begin with. And last but not least, VPNs encrypt all your data, including your real IP address, so DNSChanger and other similar exploit kits have no chance to attack and control your network.
Best VPN Services of 2020
|Editor's Choice 2020|