HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


DNSChanger virus

Login / Search

 [ Join | More ]
 Add topic 
Posted
Item has a rating of 5 (Liked by JeanLiked by BobSLiked by Rodzan Khairull Shikh Kadir)  
Rating:
#84872 (In Topic #17483)
Avatar

Community saint

DNSChanger virus spells 'Internet Doomsday' … The end is nigh, according to the FBI … 'Internet doomsday' will strike us all on July 9 …

That's what a couple of popular websites (HuffingtonPost being one of them) have had to say about the DNSChanger virus, but you should file this under the header 'A Crock Of S**t' as, although it is a real piece of malware, the botnet was taken down on the 8th of November 2011 in a joint operation by the FBI and the Estonian police.

DNSChanger is a TDSS/Alureon variant, and has a nasty full-rootkit behaviour that is hard to detect, and even harder to clean. An estimated four million computers (PC or Mac) have been infected, 500,000 in the US alone! It doesn't try to steal your creditcard or banking information: it simply redirects you to porn websites who, in turn, appear to have so far paid the perpetrators (6 Estonians - securely locked up and awaiting extradition to the US) about 14 million dollars to date!

In an amazing technical feat, the FBI and BINDS identified the infected DNS servers and closed them down, without notifying the millions of users, to stop widespread panic, substituting legitimate servers so that users didn't even notice the changeover. However, infected computers are still infected, but at least they are now reaching their intended destinations!

Joint operation of the (temporary - until July 9th - somebody has to pay for the service!) DNS server farm has been given to an organization called the DNSChanger Working Group (DNSWG) and the FBI. And from where I am sitting, the latter's involvement should scare the bejesus out of us, too!

Here's a simple one-click test to establish whether you are infected. You will get a GREEN or a RED.

My check was green, so I can only assume that if you receive the latter it will also give you more information on how to go about cleaning your PC. If it doesn't, do a search for a rootkit sniffing and cleaning proggy, and get it off your machine ASAP. Oh, and do your 'Mom'n'Pop' machines a favour and check them out, too!

 It's worth the click!

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#84876
Avatar

Community saint

its correct Fletch, I had check my machines already two weeks ago, and I'm green to.


http://digiflash.nl Photo community  (dutch)
Back to the top
 
Posted
Rating:
#84880
Avatar

Community saint

Fletch said

you should file this under the header 'A Crock Of S**t' as, although it is a real piece of malware, the botnet was taken down on the 8th of November 2011 in a joint operation by the FBI and the Estonian police.
The botnet may have been taken down, but the reason it is still important for the ~4,000,000 people is because:
This temporary solution is expected to be switched off as early as 9 July 2012. It is likely that users infected by DNSChanger will be unable to connect to the internet when the temporary DNS solution is switched off.

That was from the Australian government test site (Australian Government DNSChanger Diagnostic) which at least has more info up-front.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#84882
Avatar

Community saint

temp1024 said

This temporary solution is expected to be switched off as early as 9 July 2012. It is likely that users infected by DNSChanger will be unable to connect to the internet when the temporary DNS solution is switched off.

That's an OUCH!

 :o

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#84893
Avatar

Community saint

I was fortunately green when I checked a while back but I just checked again, just in case. Still green. I really do wish these smart people would put their talents to some good use. it really is quite sad to see the chaos they sow when they could instead be making positive contributions.

Bob
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: