Internet is one of the main sources for malwares which damage our computers. Since last few months 'DNSChanger' which is kind of a Trojan, has ruled the world of malwares. Thus, FBI, America has repeated the warning that as many as half a million computers still infected with the malware could lose their Internet connections on July 9 because the agency is shutting down an expensive workaround to the problem.
This DNSChanger virus affects the Windows and MAC systems and it was around the Internet since 2007. What it basically does is changing the DNS settings used by the system. DNS (Domain Name System) is an Internet service that converts user-friendly domain names (www.google.lk) into the numerical Internet protocol (IP) addresses (192.232.134.52) that computers use to talk to each other. First, DNSChanger changes the computer’s DNS server settings to replace the ISP’s good DNS servers with rogue DNS servers operated by the criminal. Second, it attempts to access devices on the victim’s small office/home office (SOHO) network that run a dynamic host configuration protocol (DHCP) server (eg. a router or home gateway). Further, this virus can spread itself into other machines if you are using a LAN by changing the settings of the router. Making it worse, this will block you from accessing anti virus softwares too.
The Bottnet network which was used to spread this DNSChanger was disabled in last November by FBI, USA through their special mission called 'Ghost Click'. Moreover, most of the anivirus software companies have updated their products against this malware. Even though several actions took placed, it was found that about half a million affected computers are still have access to internet as its users are not aware about this malicious software. Thus, FBI has announced that these computers will lose their Internet connection from July 9 onwards.
Fortunately, there are no infected computers reported from Sri Lanka yet. But still you can have a check up for your computer for this DNSChanger at http://dns-ok.us/. If you get DNS Resolution = GREEN in green, you are safe. Else, if you get DNS Resolution = RED in red, it is better to have a complete system scan and remove DNSChanger via an updated antivirus software.
Source : http://www.fbi.gov/news/stories/2011/november/malware_110911
This DNSChanger virus affects the Windows and MAC systems and it was around the Internet since 2007. What it basically does is changing the DNS settings used by the system. DNS (Domain Name System) is an Internet service that converts user-friendly domain names (www.google.lk) into the numerical Internet protocol (IP) addresses (192.232.134.52) that computers use to talk to each other. First, DNSChanger changes the computer’s DNS server settings to replace the ISP’s good DNS servers with rogue DNS servers operated by the criminal. Second, it attempts to access devices on the victim’s small office/home office (SOHO) network that run a dynamic host configuration protocol (DHCP) server (eg. a router or home gateway). Further, this virus can spread itself into other machines if you are using a LAN by changing the settings of the router. Making it worse, this will block you from accessing anti virus softwares too.
The Bottnet network which was used to spread this DNSChanger was disabled in last November by FBI, USA through their special mission called 'Ghost Click'. Moreover, most of the anivirus software companies have updated their products against this malware. Even though several actions took placed, it was found that about half a million affected computers are still have access to internet as its users are not aware about this malicious software. Thus, FBI has announced that these computers will lose their Internet connection from July 9 onwards.
Fortunately, there are no infected computers reported from Sri Lanka yet. But still you can have a check up for your computer for this DNSChanger at http://dns-ok.us/. If you get DNS Resolution = GREEN in green, you are safe. Else, if you get DNS Resolution = RED in red, it is better to have a complete system scan and remove DNSChanger via an updated antivirus software.
Source : http://www.fbi.gov/news/stories/2011/november/malware_110911