CBC: On Monday, thousands of systems currently infected with the DNSChanger virus will be unable to access the Internet as they usually do. When infected systems attempt to access the Internet, the DNSChanger malware reroutes the connections so that those PCs connect with servers specified by the virus. Originally, the malware sent victims through servers used for fraudulent means, but the FBI shut down those servers in 2011 and put “clean” servers in their place as a temporary measure. As a result, many users with infected systems continued accessing the Internet via these clean servers without realizing they had a virus. On Monday, the FBI will shut down those clean servers, leaving infected machines unable to access the Internet until the malware is removed.
The FBI estimates that 275,000 systems around the world are still infected by DNSChanger. During the four years that the malware was operational, the scheme earned $20 million for those behind the malware.