Club Cooee

Sunday, July 8, 2012

Internet Blackout on Monday

(originally posted by: "King Dude")

"Hundreds of thousands of Internet users whose computers are infected with a particularly nasty virus will be unable to access the Web starting on Monday.

The Federal Bureau of Investigation will shut down Internet servers that it temporarily set up to support those affected by malicious software, called DNSChanger. Turning off those servers will knock all those still infected offline.

Over the past five years, a group of six Estonian cybercriminals infected about 4 million computers around the world with DNSChanger. The malware redirected infected users' Web searches to spoofed sites with malicious advertisements.

In November 2011, the FBI and some overseas partners arrested those responsible, commandeered their servers, and attempted to warn those affected to get rid of the virus.

The FBI did not immediately take down the rogue servers, as infected computers would have lost Internet access, an FBI spokesman said.

To remedy the problem, the FBI had the nonprofit Internet Systems Consortium set up temporary servers. That way, computer owners would have time to get rid of their malware.

The servers were supposed to be shut down in March, but hundreds of thousands remained infected. Nearly 304,000 computers worldwide (about 70,000 in the United States) still had the virus in mid-June, according to the FBI's latest report. That's a large number, but it's a very small subset of the 1.6 billion PCs worldwide, of which an estimated 339 million are in the United States.

Still, the FBI decided to give people even more time to check for the malware, extending the deadline until July. The agency now says the time has come to cut the cord, and the emergency servers will be shut down on Monday.

Though the FBI tried to send notifications to those infected, it could not identify all of them, a spokesman said."

read more at: money.cnn.com

and visit washingtonpost.com to see more info about this virus and how to fix it.


Unneeded scare 

A couple of Indian dailies (here and here) have picked up on 3-day-old news reports (here and here) that, starting Tuesday, Google will warn users of a ‘possible’ internet blackout from July 9th.
First of all, the reports are misleading for the simple reason that the possible blackout, or inability to connect to the internet, is most likely to occur to users in the US, Canada and Europe and less likely for users in India (it is possible, though, as several hundred PCs in India are still suspect).  In any case, it will be individual users who will lose their internet access, and it doesn’t mean a wholesale blackout.
The root of the original problem lies, as usual, in (what else?) online criminal activity.  Some time back, cybercriminals using malware known as DNSChanger managed to change the DNS server address of several hundred thousand PCs.  The FBI broke up the crime ring in a takedown, but installed a couple of ‘clean’ DNS servers to enable the infected machines to access the internet.  Now, the FBI is all set to shut them down on July 8th.
So what has this got to do with Google?  Last Tuesday Google announced in its blog that it will use a technique to detect possible infection when a user comes searching at Google and display an alert (in the preferred local language of the user) to warn him.  Those warnings are due to appear from today.  So if you notice a warning when you Google for something, the PC is supposed to be infected with DNSChanger.
If you do not receive the warning, your PC is most likely safe, from DNSChanger, that is.  In case you don’t want to wait on Google to do the dirty work for you, you can head straight to the specific FBI webpage and check whether the PC is infected with DNSChanger by:
  • entering the DNS Server address inserted in your PC (or router) into the box - but you have to know the DNS Server address in the first place; or
  • clicking on any one of the 9 URLs in the table below the box - those sites will tell you whether your PC is safe or not.
If you get the all green message similar to the one above, forget about the whole issue, and go on your merry way.  But if you see anything red with a warning instead, the PC (or Mac) is infected.  Here are two excellent write-ups on cleaning a DNSChanger infection:
BTW if you want to look up or change your PC’s DNS server addresses, here is the how to look up DNS settings.  In case this post alarms you about the dangers of rogue or untrustworthy DNS servers, you can switch to one of the trusted, public and secure DNS servers from the updated public DNS Servers list, instead of the usual ISP’s DNS server. 
My own recommendations are:
  1. *ScrubIT ‘filtered’ DNS servers: 67.138.54.100 and 207.225.209.66;
  2. **DNS Advantage DNS servers: 156.154.70.1 and 156.154.71.1;
  3. Comodo Secure DNS servers: 8.26.56.26 and 8.20.247.20;
  4. OpenDNS DNS servers: 208.67.222.222 and 208.67.220.220; and
  5. ScrubIT DNS Servers: 67.138.54.120 and 207.225.209.77.
* ScrubIT ‘filtered’ DNS servers (67.138.54.100 and 207.225.209.66) restrict access to porn and malware sites, which is great for small commercial setups (or home use).
**DNS Advantage DNS servers (156.154.70.1 and 156.154.71.1) are blazingly fast if you are located in India.  They beat every other DNS Server hands down.
As a footnote, I never use my ISP’s DNS server.  On my home PC it is either DNS Advantage or OpenDNS.  When asked for advice in homes with children who use a PC, it is always ScrubIT filtered.  For all others it is Comodo Secure DNS auto-installed with Comodo Internet Security.
(source: madmadrasi.net)
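
The manual check described in the post above (comparing the DNS server address set on a PC or router against the rogue server list) can be scripted. The following is an added example, not code from the original post or from the FBI page: `ROGUE_RANGES` holds placeholder documentation ranges because this page does not list the real ones, the function names are hypothetical, and the sample resolv.conf text is constructed.

```python
import ipaddress

# Placeholder ranges (RFC 5737 documentation space), NOT the real DNSChanger
# ranges: this page does not list them. Substitute the FBI-published ranges.
ROGUE_RANGES = ["192.0.2.0/24", "198.51.100.0/24"]

# Public resolvers recommended in the post above.
PAGE_RESOLVERS = {
    "67.138.54.100": "ScrubIT filtered", "207.225.209.66": "ScrubIT filtered",
    "156.154.70.1": "DNS Advantage", "156.154.71.1": "DNS Advantage",
    "8.26.56.26": "Comodo Secure DNS", "8.20.247.20": "Comodo Secure DNS",
    "208.67.222.222": "OpenDNS", "208.67.220.220": "OpenDNS",
    "67.138.54.120": "ScrubIT", "207.225.209.77": "ScrubIT",
}

SAMPLE = """# constructed sample, not a real capture
nameserver 192.0.2.53
nameserver 208.67.222.222
nameserver 192.168.1.1
nameserver 8.8.8.8
nameserver not-an-ip
"""

def parse_nameservers(text):
    """Return the resolver entries from resolv.conf-style text."""
    servers = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers

def classify(server, rogue_ranges=ROGUE_RANGES):
    """Label one configured resolver address."""
    try:
        addr = ipaddress.ip_address(server)
    except ValueError:
        return "invalid"
    if any(addr in ipaddress.ip_network(r) for r in rogue_ranges):
        return "rogue"
    if server in PAGE_RESOLVERS:
        return "listed: " + PAGE_RESOLVERS[server]
    if addr.is_private or addr.is_loopback:
        # A router or local stub answers here; its own upstream DNS
        # settings still have to be checked on that device.
        return "local"
    return "unlisted"

def check(text):
    return {s: classify(s) for s in parse_nameservers(text)}
```

A "local" result is not a clean bill of health: the post notes the rogue address may be set in the router, so the same comparison has to be repeated against the router's configured DNS servers.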
