During the height of the DNS changer infection, millions of users found themselves being directed to sites they weren't intending to go to as an effect of the bug. Security experts and the FBI has since come into the picture to take care of things and secure the rogue DNS settings to that infected users could use the web as they usually do--but not anymore.
On July 9th, FBI will be shutting down the replacement servers they've set up as a temporary fix to the problem, so the users who still didn't remove the infections will be redirected to spam-filled and malware-laden sites once more.
Internet Identity recently did a study to look at the type of users who are still infected with DNS changer, and reports some pretty surprising results: 12% of affected machines are owned by Fortune 500 companies.
DNSChanger is an insidious form of malware affecting everyone from the everyday consumer to a large chunk of the Fortune 500. By working together to pool collective intelligence on the latest security threats, enterprises can ensure DNS resolvers do not enable employees to visit Internet locations hosting malware like DNSChanger.
-- Lars Harvey, Internet Identity CEO
HitmanPro looked into the demographics of infected computers, and reported the following figures, as of the end of June: 69,517 unique IPs remain infected in the United States, 26,494 in Italy, 21,302 in India, around 19,500 in the United Kingdom, and approximately 18,400 in Germany.
To see if your machine might be infected with DNA changer, head on over to the DNS Changer Check-Up site and run a quick scan.