• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Kudos0

DNS Changer Malware

Hi All

I just finished reading a newstory on the above named virus. There is a link to a webiste (a partner of the FBI) http://www.dcwg.org . Now, I, the paranoid one, don't want to enter this website without first doing some research.

I've found no mention of this malware on this site, but would like to know if anyone is familiar with it and if N360 and Malwarebytes Free could/should have found it.

Any feedback is more than appreciated

Thank

Barb, the Super Paranoid Computer User

Replies

Kudos0

Re: DNS Changer Malware

Hi All

I just finished reading a newstory on the above named virus. There is a link to a webiste (a partner of the FBI) http://www.dcwg.org . Now, I, the paranoid one, don't want to enter this website without first doing some research.

I've found no mention of this malware on this site, but would like to know if anyone is familiar with it and if N360 and Malwarebytes Free could/should have found it.

Any feedback is more than appreciated

Thank

Barb, the Super Paranoid Computer User

Kudos1

Re: DNS Changer Malware


fritzmom wrote:

Hi All

I just finished reading a newstory on the above named virus. There is a link to a webiste (a partner of the FBI) http://www.dcwg.org . Now, I, the paranoid one, don't want to enter this website without first doing some research.

I've found no mention of this malware on this site, but would like to know if anyone is familiar with it and if N360 and Malwarebytes Free could/should have found it.

Any feedback is more than appreciated

Thank

Barb, the Super Paranoid Computer User


Hi Barb,

Here is some information posted on the Comcast Security Forum in regards to  DNS Changer, it may supply some of the answers to your questions/concerns:  http://forums.comcast.com/t5/Security-and-Anti-Virus/DNS-Changer-Bot-FAQ/m-p/1215341/highlight/true#M86225

Kudos2

Re: DNS Changer Malware

Hi fritzmom,

That is a legitimate site for checking your PC for DNS Changer.  Also see my post here for more information:

http://community.norton.com/t5/Norton-Internet-Security-Norton/Will-Lose-Internet-in-July/m-p/701503/highlight/true#M201451

Kudos0

Re: DNS Changer Malware

Thanks for the replies....I'll be able to rest easier now.

Barb

Kudos1

Re: DNS Changer Malware

If you have such (sensible) concerns about a website then you can always check it out on Norton Safe Web (which comes with N360) before you try it.  I did!   ;-)

Mike
Kudos0

Re: DNS Changer Malware

Andmike

Geez I must be getting old & forgetful, didn't even dawn on me to check with Safe Web!

Thanks for the reminder!!!
Kudos1

Re: DNS Changer Malware

I want to put everyone at ease and tell them yes this is true. My husband works for an IT company with a very high security clearance and he wouldn't have sent this to me in my email for me to do unless it was true. Me being suspicious as well went to the FBI website and searched for malware and the same information came up. Also, I Googled it and many different news stations including the AP were reporting on this. All you do is click on the green button and if you get a green background come up you are fine. It took 3 seconds for me. Depending on your processor or your ISP connection. If you still have doubt, and that is NOT a wrong thing, please contact your ISP provider. They should be able to help you as well. I hope this helps.

Kudos0

Re: DNS Changer Malware

Snoopyfan,

I had an intermediate step between the first green button and a result, where I selected a specific checker location.

I came up Green after that but note this at the bottom of the OK screen:

<< Had your computer been infected with DNS changer malware you would have seen a red background.  Please note, however, that if your ISP is redirecting DNS traffic for its customers you would have reached this site even though you are infected.  >>

Anyone know how you determine whether one's ISP is redirecting DNS traffic?

Hugh
Kudos3

Re: DNS Changer Malware


huwyngr wrote:

Anyone know how you determine whether one's ISP is redirecting DNS traffic?


The DCWG detection page includes instructions for manually checking the addresses of the DNS servers that your computer uses, and comparing these to the DNS Changer server addresses posted on the page.  That is undoubtedly the most reliable way to determine if your DNS lookups are going to the affected servers or not.


http://www.dcwg.org/detect/

I think in most cases where an ISP is redirecting DNS traffic, the ISP will have already notified the user about the situation, since the ISP would be clearly aware that the user's DNS lookups were trying to connect to the DNS Changer server IP addresses.

Kudos0

Re: DNS Changer Malware

Thanks -- I didn't scoll down to the bottom of the page so didn't see the ISP list. It would make sense if they linked to that when they stress the bit I quoted.

Hugh
Kudos0

Re: DNS Changer Malware

Please don't say you are paranoid....you are actually alert and asking the right questions. Some other relevant questions might be:

(1) did Norton protect us from this malware so we don't have to rely on the FBI and login to their hacked DNS system ?, (2) why is the FBI hacking with the DNS system of the Internet ?, (3) "Microsoft vulnerabilities" again were exploited is it time to lookinto LINUX ?, (4) the Associated Press article says from a FBI unit chief "this is the future of what we will be doing", does this sound like SOPA ? Its time to be concerned and vigilant.

Kudos1

Re: DNS Changer Malware


Intrepid wrote:

(1) did Norton protect us from this malware so we don't have to rely on the FBI and login to their hacked DNS system ? 

Yes, Norton detects the malware associated with DNS Changer.  If Norton has not alerted to Zlob or Tidserv on your system, you do not have to worry about losing your internet in July.

(2) why is the FBI hacking with the DNS system of the Internet ?

The FBI is not hacking the DNS system.  Millions of computers that had been infected are still pointing to the DNS servers that were controlled by the people behind DNS Changer.  A court ordered that legitimate DNS servers be maintained at the addresses previously used by the DNS Changer servers so that affected users would have time to clean up the infection on their systems and reset the DNS addresses in their routers and PCs, so they would not lose internet access.  That allotted time runs out July 9, when the interim DNS servers will be shut down and users will need to be getting their DNS service from mainstream providers.

(3) "Microsoft vulnerabilities" again were exploited is it time to lookinto LINUX ?

Linux is an option for some. 

(4) the Associated Press article says from a FBI unit chief "this is the future of what we will be doing", does this sound like SOPA ?  Its time to be concerned and vigilant.

In the era ushered in by Stuxnet, there are issues of cybercrime and cyberwarfare where government involvement is undoubtedly going to be warranted and necessary.  There are other areas where less governmental intervention is probably better.  But then, debates over governmental power and the rights of citizens have always been with us.  Why should the internet be any different?    


Replies are locked for this thread.