How to Check If Your Computer Has Been Infected with a Wide-Spread DNS Hack


If you believe the American FBI, a lot of people have infected computers that are using a rogue DNS service. According to a story in the Huffington Post, hundreds of thousands of Windows PC users may be unwitting members of a hacker network. The FBI is about to close down the network in July, and infected computers will then lose Internet access. A site at this link has been provided that lists international services that will check whether your computer's DNS service is compromised.

Two excellent articles by editor Remah that explain DNS servers are at this link and at this link. They are worth reading. DNS service is coming under attack more and more. DNS may seem an arcane subject, but learning how to manage the service will give you more security.


This tips section is maintained by Vic Laurie. Vic runs several websites with Windows how-to's and tutorials, including a site for learning about Windows and the Internet and a blog with computer tips and commentary.


Comments

I'm not sure when this was last checked but I get the following errors from http://www.dcwg.org/detect

1. https is not supported *** ding, ding, ding, alarm bells!
2. All of the links tested (where English is supported) do not work with the exception of http://www.dns-ok.lu which had the following info:

DNS Changer inspection page
This site can no longer determine if your system is infected with the DNSchanger malware. The DNS-OK.LU site relied on the US government provided DNS servers to determine if a system was or was not infected.

Those servers were deactivated on July 9, 2012 in accordance with the expiration of the US court order that authorized those servers.
For more information: DNS Changer Working Group (DCWG).

So I'm curious how this article, which was updated 1 February 2015, managed to get this to work after 2012?

YMMV!