Sunday, August 26, 2012

In a few days you might be disconnect from the network

Approximately 300,000 computers are still connected to the DNS Changer botnet through which cybercriminals from Estonia earned millions of dollars in illegal diversion of traffic from advertising. Gang has been broken up by the FBI and the Estonian police, but still infected computers connecting to the internet by incorrect DNS servers. F-Secure, a Finnish antivirus vendor advice on how to deal with the infection and not lose connection to the internet on July 9.What threatens the DNS Changer infection? Basically, redirecting Internet traffic through "false" servers Estonian criminals, directing traffic so that they can extort clicks and generate illegal profits through advertising. At the height of the number of infected computers was up to 500 thousand, and fell victim not only individual users, but also the company or government agencies (eg, NASA). Criminal network in Estonia has already been broken during Operation Ghost Click International, but the problem is still current - 300,000 unique IP addresses - computer "fingerprint" - still connects to the Internet through alternative DNS servers that are kept alive by the FBI. Deadline for action, as defined by the U.S. court, and once extended from March 8, marks the 9th July.- If the court in New York, the FBI will not allow an extension of surrogate servers, all infected computers will be cut off from the DNS - the company blog warns Sean Sullivan, chief security expert at F-Secure. - Computers will still be connected to the Internet, but will not have access to the "address book", which translates user-friendly addresses - eg google.com - numerical addresses such as 173.194.32.7 - says Sullivan. As a result, users will need to know the addresses of web services in the form of strings of numbers and type them in your browser.DNS Changer - How to overcome it?DNS Changer Software is not a simple virus that permanently redirects traffic from the infected computer to the wrong DNS server. This situation can not be repaired the usual anti-virus scan of your system and remove the malicious program - it is only the first step. This does not mean that you can not deal with it on our own. Anyone can get rid of the DNS Changer.How to do it? First you need to check whether your computer is properly set up DNS forwarding. Simply go to the website http://www.dcwg.org/detect/ - there are links to sites which allow you to check the DNS settings on your computer. According to the list located at http://www.dcwg.org/top-dns-changer-infections-by-country/, in Poland about 5 thousand. computer connects to the wrong DNS servers.If after checking you find that your computer is infected, and the movement of it directed to the wrong DNS server, use the F-Secure tool that will help you reset the DNS settings. You can download it at: ftp://ftp.f-secure.com/anti-virus/tools/beta/DNSCheck/F-Secure_DNSCheck.zip. The tool is used to reset the settings of infected computers only.Please hurry up. By Sean Sullivan, the FBI should turn off as soon as possible alternative servers. - Within six months of the Estonian gang break was repaired less than half of the infected computers. Keeping surrogate servers, the FBI maintains a de facto network of bots - "zombie computers" vulnerable to other malware infections. Frankly, the servers it touches off users of infected computers, but perhaps accelerate their repair - concludes Chief Security F-Secure.

No comments:

Post a Comment