The “DNS-Changer” program infects up to 33,000 computers in Germany each day, according to authorities who arrested those behind the scheme in November.
A “DNS-Changer” infection means a computer connects to a fake version of the Domain Name System – the service which enables access to websites, the Office for Information Technology Security (BSI) said on its website on Wednesday.
Rather than connecting to the normal DNS, an infected computer is instead re-routed to websites which criminals have manipulated and use for fraudulent activities such as the spreading of fake anti-virus software.
Those operating the fake DNS have also been sending manipulated advertising to infected computers, manipulated search results and sent further malware to them.
Although the FBI and European police authorities arrested many of those operating the fake DNS system in November, they left the system running while a real one was put in its place. But the fake one will be shut down on March 8, leaving those computers still connecting to it, in the dark.
A quick check can be carried out by logging onto the site www.dns-ok.de which has been set up by the government, Deutsche Telekom and the German federal police.
A simple green-coloured response from the site means your computer is free of the “DNS-Changer”. The BSI said the page would not start a program or download anything.
A red response means your computer is infected, and the site will offer a number of suggestions of how to fix it.