DNS Changer servers going offline

There are a whole host of different botnets. One botnet run by Rove Digital infected computers with viruses that changed their DNS settings, giving the botnet runners the ability to control how the infected computers viewed the Internet.
The criminals behind the DNS Changer virus were arrested in November of last year. The court ordered the Internet Systems Consortium (ISC) to operate replacement DNS servers for computers infected with the botnet viruses in order to give users a chance to clean and fix their computers.
That court order expires on Monday.
Anyone who is still infected with the DNS Changer malware will see their internet services greatly curtailed when the DNS servers go offline.
If you run Windows and you haven’t yet checked to see if you’re infected, you should do so soon. There are a number of websites you can visit that will tell you if you are actually infected with the DNS changer virus and if you are will give you information on how to fix your system.

And, if your internet stops working on Monday you’ll have some path to resolution.

Related Posts

Browsers, security and paranoia

MAAWG is coming up and lots of us are working on documents, and presentations. One of the recent discussions is what kind of security recommendations, if any, should we be making. I posted a list of things including “Don’t browse the web with a machine running Windows.”
Another participant told me he thought my recommendation to not use a windows machine to browse the web was over the top and paranoid. It may be, but drive by malware attacks are increasing. Visiting big sites may not be enough to protect you, as hackers are compromising sites and installing malware to infect visitors to those sites. Some ad networks have also been used to spread malware.
Criminals have even figured out how to install malware on a machine from email, without the recipient having to click or open attachments.
Avoiding the internet from a machine running Windows is a security recommendation I don’t expect many people to follow, but I do not think security and anti-virus software is enough to protect people from all of the exploits out there.
Of course, there are a lot of reasons that one might be forced to use a particular browser or operating system. For instance, I was on the phone with my bank just today to ask if they supported Safari. They say they do, but there are some things that just don’t work. The customer service rep said that they recommend Internet Explorer to all their users. She then suggested I switch browsers. No thanks, I’ll deal with the broken website.
Compromises are a major threat, and criminals are spending a lot of time and money on creating ways to get past current security. No longer is “not clicking on malware” enough to protect users. When a security clearinghouse is compromised and used as a vector for a targeted attack against Google, none of us are safe. When a security company is compromised, none of us are safe.
I realize my recommendation to avoid browsing the web on a Windows based machine is more wishful thinking than practical. I also know that other browsers and operating systems will be targeted if enough people move away from currently vulnerable operating systems. And I know that a simple, offhand suggestion won’t fix the problem.
As someone who’s been online long enough to see the original Green Card spam I know that online dangers evolve. But I can’t help thinking that most of us aren’t taking the current threats seriously enough.

Read More

Scam, Scam, Scam

One of the things that never ceases to amaze me about phishers is how incredibly creative they can be in writing text that encourages recipients to open their emails.
There have been two separate incident recently that inspired me to talk about phishing.
The first was watching viruses propagate through my local neighborhood mailing list. I live in Silicon Valley and we do have an email list for neighbors to talk, plan and generally share information. Last week one of the neighbors got infected with a virus, and their address started posting links to more viruses to the list. Over the weekend I watched half a dozen neighbors get infected and post more viruses to the list.
The second is the dozens of messages I’ve been receiving telling me there are naked photos of me on the Internet. They have a couple different forms. Some pretend to be concerned friends worried that my private photos have leaked. Others threaten legal action or that the police are investigating me. Still others tell me I’ve ruined a friendship by sharing these photos.
None of those things are true, of course. They’re all trying to get me to open a file and infect my machine with some virus or another.

Read More

Biggest botnet takedown to date

Yesterday law enforcement officials arrested 6 people and charged them with running a massive internet fraud ring. Over 4 million PCs were part of the botnet.
According to the FBI

Read More