Saturday, May 5, 2012

NEWS: Hundreds of thousands may lose Internet in July Hackers hijacked computers, but victims don't know

From the Nashville Tennessean Newspaper
and PC Magazine: http://www.pcmag.com/article2/0,2817,2401227,00.asp
WASHINGTON — For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.
Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.
The FBI is encouraging users to visit a website run by its security partner, www.dcwg.org, that will inform them whether they are infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.
Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their Web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
 GO HERE TO DETECT: http://www.dcwg.org/detect/

BACKGROUND:

What is the DNS Changer Malware?

On November 8, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals in “Operation Ghost Click”. The criminals operated under the company name “Rove Digital”, and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ and TDL4 viruses. You can read more about the arrest of the Rove Digital principals here, and in the FBI Press Release.

What does the DNS Changer Malware do?

The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.
Under a court order, expiring July 9, the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.

No comments:

Post a Comment

Who I am

I'm a simple guy who enjoys the simple things in life, especially our dogs. I volunteer for dog rescues, enjoy exercising, blogging, politics, helping friends and neighbors, participating in ghost investigations, coffee, weather, superheroes, comic books, mystery novels, traveling, 70s and 80s music, classic country music,writing books on ghosts and spirits, cooking simply and keeping in shape. You'll find tidbits of all of these things on this blog and more. EMAIL me at Rgutro@gmail.com - Rob

A Classic Country Music Station to Enjoy