DNSChanger victims to lose internet on Monday

This coming Monday, 9 July, the FBI will be turning off the DNS server which currently intercepts queries from DNSChanger victims. This will mean that users who are infected with the malware will be almost completely unable to access the internet normally. Users are therefore advised to check whether their computers or routers use one of the FBI-listed IP addresses for DNS queries, well before the server shutdown, by visiting dnschanger.eu or dns-ok.us.

Users who want to check their configuration manually need to look out for the following IP address ranges:

    85.255.112.0 to 85.255.127.255
    67.210.0.0 to 67.210.15.255
    93.188.160.0 to 93.188.167.255
    77.67.83.0 to 77.67.83.255
    213.109.64.0 to 213.109.79.255
    64.28.176.0 to 64.28.191.255

If an address from one of the above ranges is already set as the DNS server on the computer or router, it is infected with DNSChanger. Users can find out where to locate this DNS server information for their particular case using a wizard set up by the eco association. Future DNS queries can be made using servers such as Google's at 8.8.8.8.