IID announced that 12 percent of all Fortune 500 companies and four percent of “major” U.S. federal agencies are still infected with DNSChanger malware. These findings come less than two weeks before the July 9 deadline that requires the FBI to take down the temporary servers that enable millions of computers and routers infected with DNSChanger to still reach their intended Internet destinations.


To illustrate just how pervasive and problematic DNSChanger has been since being discovered in late 2005, IID has designed the first infographic (click above for large version) detailing this malware infection.

In addition to a timeline of how DNSChanger has progressed and an illustration of the collective intelligence that has helped combat the malware, the infographic shows exactly how employees at Fortune 500 companies became infected and how the malware’s spread could have easily been stopped.

“DNSChanger is an insidious form of malware affecting everyone from the everyday consumer to a large chunk of the Fortune 500,” said IID CEO Lars Harvey. “By working together to pool collective intelligence on the latest security threats, enterprises can ensure DNS resolvers do not enable employees to visit Internet locations hosting malware like DNSChanger—protecting their customer confidence, revenue, intellectual property and much more.”

Because infected computers and routers will have no servers directing their DNS requests after July 9, the Internet may literally go dark for people using those computers or routers.

Another effect of DNSChanger: if an enterprise’s employee has the malware on their computer even before the temporary servers go down, that enterprise is susceptible to having their proprietary information stolen. That’s because DNSChanger disables Anti-Virus (A/V) and regular software updates, exposing victims to attacks from other virus families.

This enables criminals to view any data, messages exchanged and more on a victim’s computer, depending on what the victims’ machines are infected with.