ConCen / Main / Nerds & Geeks v / Security slackers risk Internet blackout on March 8

Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Security slackers risk Internet blackout on March 8
02-23-2012, 09:55 PM
Post: #1
Frank2 Offline
Blakmar Diemer
****
 		Posts: 429
Joined: Dec 2010
Security slackers risk Internet blackout on March 8
Security slackers risk Internet blackout on March 8
If feds pull down temporary DNS fix as planned, machines infected with DNSChanger Trojan won't be able to access the Web
By Ted Samson | InfoWorld
Follow @tsamson_IW
Print | 4 Comments

Companies and home users whose computers or routers are infected by the DNSChanger Trojan risk being unable to access the Web come March 8, 2012, when the FBI unplugs the legitimate DNS servers it set up to replace the rogue DNS servers that were forwarding victims to malicious sites. The removal of the fed's band aid could impact a substantial number of users, too, as half of Fortune 500 companies and government agencies are infected with the malware, according to a new report.

Back in November, the feds famously took down the DNSChanger botnet network, which a cyber criminal gang was using to redirect Internet traffic to phony websites that existed simply to serve up ads. To prevent the disruption of Internet traffic - and likely to monitor where DNSChanger traffic was coming from - the feds replaced the criminals' servers with clean ones that would push along traffic to its intended destination. Without the surrogate servers in place, infected PCs would have continued trying to send requests to aimed at the now-unplugged rogue servers, resulting in DNS errors.

That surrogate network was supposed to be temporary -- in operation just long enough for companies and home users to remove DNSChanger malware from their machines. Said network is slated to be unplugged on March 8. Once the surrogate server network is unplugged, computers infected with DNSChanger will not be able to access the Internet: The malware will send requests to servers that will no longer be online.

Unfortunately, the cleanup process has been slow, according to security company IID (Internet Identity): The company reports that at least 250 of Fortune 500 companies and 27 out of 55 major government entities had at least one computer or router that was infected with DNSChanger in early 2012.

Companies and users may get a reprise. According to Krebs on Security, the FBI's DNSChanger Working Group is weighing its options, including requesting a court order to extend the March 8 deadline.

Would providing an extension be the most prudent move, though?

http://www.infoworld.com/t/anti-virus/se...7?page=0,0

Did you write down your DNS Settings?

If you followed these instructions, you should have written down your current DNS settings.
Are you safe?

If your computers' DNS settings use the follow ranges, then you likely have been affected by the DNS Changer viruses.

Between this IP... ... and this IP
77.67.83.1 77.67.83.254
85.255.112.1 85.255.127.254
67.210.0.1 67.210.15.254
93.188.160.1 93.188.167.254
213.109.64.1 213.109.79.254
64.28.176.1 64.28.191.254

http://dcwg.org/checkup.html
http://dcwg.org/checkup2.html
“The truth, of course, is that a billion falsehoods told a billion times by a billion people are still false.”
--Travis Walton

http://truthfrequencyradio.com/chat/
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | ConCen | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication