DNSChanger is a Trojan horse that was distributed in many forms, and when installed it actively changes the infected system's DNS settings to rogue servers that redirect legitimate searches and URLs to malicious Web sites that attempt to steal personal information and generate illegitimate ad revenue for the scammers.
The Mac variants of the malware, found starting in 2008. These have been distributed through Web sites disguised as required video codecs for QuickTime, and as with the Windows versions, when installed the Trojan would change the system's DNS settings to servers that would redirect legitimate Web URLs to malicious sites.
