DNSChanger ‘temporary’ DNS servers go dark soon: is your computer really fixed?

by Cameron Camp Security Researcher DNSChanger, a piece of malware that re-routed vast swaths of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But simply shutting down the servers altogether would have ‘broken’ many hundreds of thousands of computers still infected–rendering it difficult for Read More

TechMan: Where do I report?

    May 6, 2012 12:03 am By Ced Kurtz / Pittsburgh Post-Gazette When the FBI asks for help, TechMan always tries to oblige. There was that small matter with Patty Hearst a few years ago. And to go even further back, there was the night J. Edgar called and asked if I knew which movie John Read More

DNSChanger – Cleaning Up 4 Million Infected Hosts

By Kurt Baumgartner The FBI’s “Operation Ghost Click” announcement in Nov 2011, involving the Rove Digital botnet delayed cleanup efforts that we previously discussed, continues to haunt both the internet networks and the mass media. A Forbes article and a Times article yesterday brought the apparition back to the front, with some claiming that the site offered by Read More

CIRA Develops Online DNSChanger Malware Checker

2012-04-21 The Canadian Internet Registration Authority (CIRA), in collaboration with Public Safety Canada and the Canadian Radio-television Telecommunications Commission (CRTC), has developed an online DNS Checker to screen users’ computers for the DNSChanger malware. CIRA says the free online tool lets Canadian Internet users to detect if their computer is affected by the DNSChanger malware. Read More

IDP/IPS “Snort” Signatures for DNS Changer

Thanks to the Emerging Threats community, we have updated and maintained signatures for DNS Changer. These signatures would be critical to an organization to spot and remediate violated machines in their network. Please check out this updated list here (DNS Changer Signatures) What is the “Emerging Threats community?” The community produces the fastest moving and Read More

8 Suggestions for Mitigating and Preventing DNSChanger Malware in your Enterprise – What Can Help You Avoid Being a Victim

8 Suggestions for Mitigating and Preventing DNSChanger Malware in your Enterprise What Can Help You Avoid Being a Victim March 28th, 2012 by Brian Rexroad   This is a follow-up to a previous blog that was titled “Stopping DNS Changer Malware on the Internet.”  I have been receiving some questions from enterprise customers about this Read More

DNS Changer: Countdown clock reset, but still ticking

By Gary Warner Last November, the main FBI.gov website headline was “DNS Malware: Is Your Computer Infected?”. The story detailed the arrest of six Estonian criminals who had infected more than 4 million computers with malware that changed Domain Name Server settings on the impacted computers. The impact of this change was that when a Read More

Consumer alert: Is your computer infected with DNSChanger?

{From Australia}       DNSChanger is malicious software (malware) that may have been installed on your computer without your knowledge. Approximately 10,000 Australian internet users are currently infected with this malware. If your computer is infected you need to remove it. If you don’t remove it by 9 July 2012, you won’t be able Read More