“Monday, 9th of July, at 06:00 (MEZ) the temporary DNS-servers setup by FBIwill be shut down. But still there are still thousands of infected machines – one can wonder, what will happen to them, since malware which was constantly being used by cyber criminals to access confidential data from throughout the world.
Computers in the internet have their own address – the IP-address. There are two versions:
IPv4 which is a 32-bit address e.g. 195.122.169.23 and
IPv6 which is a 128-bit address e.g. 2001:db8:85a3:8d3:1319:8a2e:370:7347
In order to combat the DNS Changer and associated viruses from affecting more people/computers, the FBI has brought out a mechanism through which you can identify whether your computer system is affected by the DNS changer or not. There is also a deadline set by the FBI that is July 9 2012. By this date, computers infected with the DNS Changer will be denied internet access as the FBI might shut down temporary DNS Servers that are infected.
There is no need to panic as the FBI has put up a robust virus scanning mechanism ( website) through which you can scan your computer and also remove the virus completely as the site also provides a step-by-step guide to remove the infection completely.
What Happened:In November 2011, the FBI identified and located a ring of cyber criminals that had infected more than four million computers across the world with a Trojan known as DNSChanger. DNSChanger infiltrated both personal and corporate PCs redirecting computers to a set of DNS servers which directed Web searches to malicious Web sites. Beginning in 2007, the cyber ring used a class of malware called DNSChanger to infect approximately 4 million computers in more than 100 countries. There were about 500,000 infections in the U.S., including computers belonging to individuals, businesses, and government agencies such as NASA. The thieves were able to manipulate Internet advertising to generate at least $14 million in illicit fees.This is called “clickjacking” which is a technique where infected users think they are clicking on one website but are actually redirected to the fraudsters advertisement websites so they can get the click revenue stream.
http://www.varindia.com/FBI_Suspend-Internet-Connectivity.htm
About a quarter-million computer users around the world are at risk of losing internet access on Monday because of malicious software at the heart of a hacking scam that US authorities shut down last November.
Some blogs and news reports hyped the risk of an outage, warning of a potential ‘blackout’ and describing the Alureon malware as the ‘Internet Doomsday’ virus.
Yet experts said only a tiny fraction of computer users were at risk, and internet providers would be on call to quickly restore service. They said they considered the threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud.
As of this week, about 245,000 computers worldwide were still infected by Alureon and its brethren, according to security firm Deteque. That included 45,355 computers in the United States.
The viruses were designed to redirect internet traffic through rogue DNS servers controlled by criminals, according to the FBI. DNS servers are computer switchboards that direct web traffic.
When authorities took down the rogue servers, a federal judge in New York ordered that temporary servers be kept in place while the victims’ machines were repaired. The temporary servers will shut down at 12:01 am EDT (0401 GMT) on Monday, which means the infected PCs that have not been fixed will no longer be able to connect to the internet.
Some US internet providers, including AT&T and Time Warner Cable, have made temporary arrangements so that their customers will be able to access the internet using the address of the rogue DNS servers.
Pingback: 9 Iulie: Puțină Alertă !! | blog