DNSChanger Trojan causes European malware epidemic

A large-scale malware epidemic is affecting the UK and the rest of Western Europe thanks to the DNSChanger Trojan, according to Kaspersky.

The Trojan.Win32.DNSChanger.ech came top of a list of the top twenty detected malware programs. It was the most prolific malware program for the second consecutive month according to the Kaspersky Security Network, and three times more widespread than the trojan in second place.

Kaspersky also released a list of malicious programs which had already infected objects, and it showed that the majority of them had file infection capabilities. This included the DNSChanger Trojan, and showed that there was a big spread of threats which needed disinfection rather than stopped by deleting the infected object.

"The appearance of the DNSChanger Trojan in both charts is significant," said Alexander Gostev, Senior Virus Analyst at Kaspersky Lab. "It indicates that the epidemic across Western Europe has been aided by the program's ability to constantly modify itself and exist in various guises on different computers."

The DNSChanger Trojan is believed to be a member of the Zlob family and usually works by adding rogue DNS name servers to the registry of Windows-based computers or the network settings of Mac computers. This means that it can re-route traffic from legitimate websites to malicious websites.

In June, IT PRO looked a new variant of the DNSChanger Trojan which had the ability to control network routers by changing settings to redirect internet traffic.

Last year, we reported about how the trojan was also infecting Mac computers.