DNSChanger victims to lose internet on Monday
This coming Monday, 9 July, the FBI will be turning off the DNS server which currently intercepts queries from DNSChanger victims. This will mean that users who are infected with the malware will be almost completely unable to access the internet normally. Users are therefore advised to check whether their computers or routers use one of the FBI-listed IP addresses for DNS queries, well before the server shutdown, by visiting dnschanger.eu or dns-ok.us.
Users who want to check their configuration manually need to look out for the following IP address ranges:
85.255.112.0 to 85.255.127.255
67.210.0.0 to 67.210.15.255
93.188.160.0 to 93.188.167.255
77.67.83.0 to 77.67.83.255
213.109.64.0 to 213.109.79.255
64.28.176.0 to 64.28.191.255
If an address from one of the above ranges is already set as the DNS server on the computer or router, it is infected with DNSChanger. Users can find out where to locate this DNS server information for their particular case using a wizard set up by the eco association. Future DNS queries can be made using servers such as Google's at 8.8.8.8.