All Things Techie With Huge, Unstructured, Intuitive Leaps

This is a MUST - READ -- DNSChanger Malware


DNSChanger Malware

DNS (Domain Name System) is an Internet service that converts user-friendly domain
names into the numerical Internet protocol (IP) addresses that computers use to talk to
each other. When you enter a domain name, such as www.fbi.gov, in your web browser
address bar, your computer contacts DNS servers to determine the IP address for the
website. Your computer then uses this IP address to locate and connect to the website. DNS
servers are operated by your Internet service provider (ISP) and are included in your
computer’s network configuration. DNS and DNS Servers are a critical component of your
computer’s operating environment—without them, you would not be able to access
websites, send e-mail, or use any other Internet services.
Criminals have learned that if they can control a user’s DNS servers, they can control what
sites the user connects to on the Internet. By controlling DNS, a criminal can get an
unsuspecting user to connect to a fraudulent website or to interfere with that user’s online
web browsing. One way criminals do this is by infecting computers with a class of malicious
software (malware) called DNSChanger. In this scenario, the criminal uses the malware to
change the user’s DNS server settings to replace the ISP’s good DNS servers with bad DNS
servers operated by the criminal. A bad DNS server operated by a criminal is referred to as
a rogue DNS server.


About

The DNS Changer Working Group (DCWG) was created to help remediate Rove Digital’s malicious DNS servers. The DCWG helps monitor DNS servers run by ISC, under court order, in the former Rove Digital colo space.

The DCWG is an ad hoc group of subject matter experts, and includes members from organizations such as Georgia Tech, Internet Systems Consortium, Mandiant, National Cyber-Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro, and the University of Alabama at Birmingham.


Click on this site to see if your computer is infected: (no scan is done and nothing is downloaded)

No comments:

Post a Comment