Detect
Find out if you have been violated and infected with DNS Changer. No software will be downloaded to perform the check.
Fix
If you think you are infected, please take action to fix your computer now.
Protect
Protect your computer from DNS Changer.
What is the DNS Changer Malware?
On November 8, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals in “Operation Ghost Click”. The criminals operated under the company name “Rove Digital”, and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ and TDL4 viruses. You can read more about the arrest of the Rove Digital principals here, and in the FBI Press Release.
What does the DNS Changer Malware do?
The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS servers in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.
Under a court order, expiring July 9, the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.
How Can I Protect Myself?
This page describes how you can determine if you are infected, and how you can clean infected machines. To check if you’re infected, Click Here. If you believe you are infected, here are instructions on how to clean your computer.
DNS Changer – Top 25 ASNs
By bgreene On June 13, 2012 · In Data, News
Top 25 ASNs seen on Monday, June 11th who have DNS Changer infections communicating with the DCWG Clean DNS servers.
+-------+------------+
| asn   | unique_ips |
+-------+------------+
| 9829  | 15568      |
| 3269  | 13406      |
| 7922  | 11964      |
| 3320  | 9250       |
| 7132  | 6743       |
| 3215  | [...]
Top DNS Changer Infections by Country
By bgreene On June 13, 2012 · In Data, News
Here is our latest breakdown by country code for Monday, June 11th:
+----+------------+
| cc | unique_ips |
+----+------------+
| US | 69517      |
| IT | 26494      |
| IN | 21302      |
| GB | 19589      |
| DE | 18427      |
| FR | 10454      |
| CN | 10304 [...]
Updated DNS Changer Data – Daily Count of Unique IP Addresses
By bgreene On June 13, 2012 · In Data, News
The following are our latest figures on the number of unique IP addresses communicating with the DNS Changer “Clean Servers.”
+------------+------------+
| date       | unique_ips |
+------------+------------+
| 2011-11-08 | 551436     |
| 2011-11-09 | 567957     |
| 2011-11-10 | 672972     |
| 2011-11-11 | 661664     |
| 2011-11-12 | 617054     |
| 2011-11-13 | [...]
Geo Movie of DNS Changer Infections – Jan 2012 to Mar 2012
By bgreene On June 12, 2012 · In Data, News
Yet another Shadowserver.org illustration to explore the geographic view of DNS Changer infections from Jan 2012 to Mar 2012.
Word Map of DNS Changer infections by Country
On June 12, 2012 By bgreene
Shadowserver has pulled together a word map based on country to illustrate which countries had more infections. The size of the word relates to the number of infections.
Hilbert Map of DNS Changer Infections from Jan 2012 to March 2012
On June 12, 2012 By bgreene
Shadowserver.org has provided a Hilbert Map (with video) of all the infections from Jan 2012 to March 2012. This is a useful tool to spot “hot spots” based on IPv4 prefix ranges. More information on Hilbert Maps can be found at:
http://www.caida.org/research/traffi...arin-heatmaps/
http://www.team-cymru.org/Monitoring...ence/maps.html
Facebook Alerts Users About DNSChanger Malware
On June 6, 2012 By bgreene
By Fahmida Y. Rashid
Facebook will notify users who have DNSChanger malware on their computers of the infection and remind them that if left infected, they will lose Internet access come July 9. When a user browses to Facebook from a DNSChanger-infected computer, the social networking giant will [...]
DNSChanger ‘temporary’ DNS servers go dark soon: is your computer really fixed?
On June 3, 2012 By bgreene
by Cameron Camp, Security Researcher
DNSChanger, a piece of malware that re-routed vast swaths of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But simply shutting down the servers altogether would have ‘broken’ many hundreds of thousands [...]
TechMan: Where do I report?
On May 6, 2012 By bgreene
May 6, 2012 12:03 am
By Ced Kurtz / Pittsburgh Post-Gazette
When the FBI asks for help, TechMan always tries to oblige. There was that small matter with Patty Hearst a few years ago. And to go even further back, there was the [...]
July 9 could be ‘Internet doomsday’ for some (so check your PC or Mac)
On April 26, 2012 By bgreene
by Suzanne Choney
July 9 might be “Internet doomsday” for PC and Mac users who haven’t taken steps to make sure their systems are not infected with what’s being called DNSChanger malware. That’s right: Your Internet connection may not work that day because the safety net now in [...]
~~~~~~~~~~~~~~~~~~ from:
http://www.dcwg.org/