- December 2016: DNSChanger EK uses malvertising to infect routers. (Bleeping Computer)
- May 2015: DNSChanger EK uses cross-site request forgery to hijack routers. (Malware Don’t Need Coffee)
- Proofpoint provides technical details on DNSChanger EK, here.