Yet another Shadowserver.org illustration to explore the geographic view of DNS Changer infections from Jan 2012 to Mar 2012.
Shadowserver has pulled together a word map based on country to illustrate which countries had more infections. The size of the word relates to the number of infections.
Shadowserver.org has provided a Hilbert Map (with video) of all the infections from Jan 2012 to March 2012.This is a useful tool to spot “hot spots” based on IPv4 prefix ranges. More information on Hilbert Maps can be found at: http://www.caida.org/research/traffic-analysis/arin-heatmaps/ http://www.team-cymru.org/Monitoring/Malevolence/maps.html
By Fahmida Y. Rashid Facebook will notify users who have DNSChanger malware on their computers of the infection and remind them that if left infected, they will lose Internet access come July 9. When a user browses to Facebook from a DNSChanger-infected computer, the social networking giant will display an alert with a link to Read More
by Cameron Camp Security Researcher DNSChanger, a piece of malware that re-routed vast swaths of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But simply shutting down the servers altogether would have ‘broken’ many hundreds of thousands of computers still infected–rendering it difficult for Read More
May 6, 2012 12:03 am By Ced Kurtz / Pittsburgh Post-Gazette When the FBI asks for help, TechMan always tries to oblige. There was that small matter with Patty Hearst a few years ago. And to go even further back, there was the night J. Edgar called and asked if I knew which movie John Read More
by Suzanne Choney July 9 might be “Internet doomsday” for PC and Mac users who haven’t taken steps to make sure their systems are not infected with what’s being called DNSChanger malware. That’s right: Your Internet connection may not work that day because the safety net now in place from the FBI against the malware Read More
By Kurt Baumgartner The FBI’s “Operation Ghost Click” announcement in Nov 2011, involving the Rove Digital botnet delayed cleanup efforts that we previously discussed, continues to haunt both the internet networks and the mass media. A Forbes article and a Times article yesterday brought the apparition back to the front, with some claiming that the site offered by Read More
2012-04-21 The Canadian Internet Registration Authority (CIRA), in collaboration with Public Safety Canada and the Canadian Radio-television Telecommunications Commission (CRTC), has developed an online DNS Checker to screen users’ computers for the DNSChanger malware. CIRA says the free online tool lets Canadian Internet users to detect if their computer is affected by the DNSChanger malware. Read More
Thanks to the Emerging Threats community, we have updated and maintained signatures for DNS Changer. These signatures would be critical to an organization to spot and remediate violated machines in their network. Please check out this updated list here (DNS Changer Signatures) What is the “Emerging Threats community?” The community produces the fastest moving and Read More