This document discusses DNSchanger malware incidents from 2007 to 2014. It provides the following key details: - DNSchanger 2007 infected over 4 million computers from 2007-2011, generating $1.4 billion in profits through online ads, spam and scams. In March 2012 the servers were taken down. - DNSchanger 2014 infected over 300,000 home routers by changing their DNS settings to proxy traffic and install malware. This potentially exposed over 1.5 million computers to improper ads, pornography and malware. - The malware exploited vulnerabilities in home router administration interfaces, typically accessed through a web browser. It could change DNS settings remotely to direct traffic without the owner's knowledge. Updating router firmware, using a trusted