DNS Changer is a malware that attackers use to modify a users DNS settings to a separate set of rouge DNS servers this is critical because an attacker that controls your DNS server also controls the content that is served to the user this makes it possible for attackers to use your sessions to unintentionally surf sites that contain other malicious content. One major issue that can occur is web-masking which could potentially allow an attacker to route websites that you browse on a daily basis to their own mock sites for example online banking sites, email, social network sites. Prior to this being used for malicious use it was primarily used by attackers to control the ad settings for search sessions. Controlling your search session would allow an attacker to embed ad network affiliate id’s that would allow them to earn money off of the sites that you visit. DNS Changer is an escalation of this attack as it is extremely malicious nature due to the fact that it completely disables internet service for the affected user. There are ways to determine whether you have been affected or not, and you can start by visiting http://dns-ok.us/ If the DNS Resolution shows “Green” you should be safe from DNS Changer. McAfee recommends using “Stinger” to mitigate the DNS Changer issues on an infected system. You can read their release, McAfee Labs Threat Advisory: Rogue DNS Servers . As veteran of McAfee’s COVERT LABS I can attest to the amount of research, and development that goes on to combat against current, and future threats. If you or your enterprise has been maliciously attacked or if you want to know what your pain points are contact us to setup an assessment. 6D employs a great amount of Cyber Security talent with over 15 years of background in the industry.