Jul 9, 2012

DNSChanger Malware : Thousands May Lose Net Access On July 9th July





The warnings about the Internet problem have been splashed across Facebook and Google. Internet service providers have sent notices, and the FBI set up a special website.

Thousands of Canadians could be among the hundreds of thousands of people around the world who might lose Internet
access on July 9.That's the day the FBI will shut down all the "clean servers" it set up to combat a massive hacking operation.

Last November the FBI arrested and charged six Estonian men behind the malware as part of Operation Ghost Click. These hackers were able to make a fortune off their project, raking in millions for ads placed on their fraudulent websites.On the eve of the arrests, the FBI hired Paul Vixie, chairman of the Internet Systems Consortium (ISC) to install two temporary Internet servers that would prevent infected users from losing access to the Internet once the DNSChanger botnet was shut down.

DNS (Domain Name System) is a core Internet technology used to convert human readable domain names suchasfacebook.com into an IP address such as 10.181.211.1, which a computer understands.

It's estimated that there is still around 277,00 infections worldwide, despite a massive clean up operation. If you're concerned about your own PC, or family members, then there's a DNS checker website or more information over at the DNS Changer Working Group.

Running the temporary servers for eight months has cost the FBI $87,000. Both Facebook and Google created their own warning messages that showed up if someone using either site appeared to have an infected computer. Facebook users would get a message that says, "Your computer or network might be infected," along with a link that users can click for more information.Google users got a similar message, displayed at the top of a Google search results page. It also provides information on correcting the problem.

Ensure that the DNS Servers are not within the following range of Internet Protocols (IPs):
- 85.255.112.0 through 85.255.127.255
- 67.210.0.0 through 67.210.15.255
- 93.188.160.0 through 93.188.167.255
- 77.67.83.0 through 77.67.83.255
- 213.109.64.0 through 213.109.79.255
- 64.28.176.0 through 64.28.191.255

No comments:

Post a Comment