Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[sheddyian]

I've just been reading about the DNSChanger Malware that had infected many many machines around the world.  Basically, it redirected your DNS queries to rogue servers, who could then redirect you.  The FBI arrested at least some of those responsible, and were granted a court order to carry on running the rogue DNS servers, because otherwise many people would suddenly lose internet connectivity.

This court order runs out on July 9th.  So if you've got DNSChanger malware, your internet access will stop.

There is a simple check on the DNSChanger Working Group web site, here :

http://www.dcwg.org/

I put this out because there are news stories today that there are still a significant number of computers relying on these former-rogue DNS servers, and they are going to get a shock on July 9th!

Hope this doesn't read too much like one of those scare OMG Virus!!!!1 emails, this is legit as far as I can tell.

Ian

[kitz]

Yes it is legit and many PCs around the globe were (and possibly still are) infected... including some gvt ones I believe!
I dont know whether it will be as much of a predicted Internet doomsday as some of the rumours make out though.

However, it is a timely reminder that you can easily check to see if you are infected by clicking the following link, - which is also mentioned in your link to the dcwg.

http://www.dns-ok.us/

[guest]

First instances of this are showing up on Sky forums now despite the fact we're down to about 13k connections affected within the UK.

Personally I'd just leave them cutoff until they agree to have MS security essentials installed and up to date.

Might seem harsh but here's an example of the "average user", he's my next-door neighbour :

I cleaned a particularly nasty set of trojans off their desktop machine a couple of years back. This was seriously nasty stuff - we're talking millions of spam emails sent from that machine and more than half were to do with extreme child porn. ISP was NTL/Virgin so total incompetence there regarding anything to do with malware/mail relays.

They were suitably horrified, I installed some AV and made sure he paid for it.

A bit over 18 months later I had to clean some more malware for them and I noticed the AV was out of date. "Oh" says he "I didn't get any viruses when it was on so it was a waste of money".

I kid you not.

Oh and this guy isn't some moron, he's what used to be called "Mondeo Man" (now Audi man) and has a senior role in UK energy distribution - in fact you ALL pay more renewable subsidies because of him, even if you don't think you do.

These people will pay £40/hour for a monkey to read diagnostics off an engine management unit in their car but won't pay £20/hour for someone to fix their PC/tablet/phone/connection.

The UK is {censored}.

[silversurfer44]

What I say is the next time he wants his PC looked at hit him with a bill before doing the work.
If he won't pay then don't fix it. Yes you may fall out over it but it may waken him up.
Yes I have done it to so called friends, they are only friends when they want something doing for nothing.

Been there, done it etc..............

[sheddyian]

First instances of this are showing up on Sky forums now despite the fact we're down to about 13k connections affected within the UK.

Any chance of some links for, um, education purposes?

Ian

[guest]

http://helpforum.sky.com/t5/Sky-Broadband-Setup-Cabling/Cannot-Access-Certain-Websites/td-p/503416

http://helpforum.sky.com/t5/Sky-Broadband-Setup-Cabling/No-broadband-connection/td-p/498132

http://helpforum.sky.com/t5/Sky-Broadband-Setup-Cabling/Blocked-Sites/td-p/502048

There's no doubt more of them, I cba telling them how to fix the problem. Maybe this will be a lesson for them but I doubt it. Some people are just too stupid to have anything other than the "Janet & John" version of the internet

[guest]

What I say is the next time he wants his PC looked at hit him with a bill before doing the work.
If he won't pay then don't fix it. Yes you may fall out over it but it may waken him up.
Yes I have done it to so called friends, they are only friends when they want something doing for nothing.

Been there, done it etc..............

After the last time I told him I'm not fixing any more problems for him which are caused by him being a tight git.

Back to planning out a new home network - properly done with patch panel/documentation/centrally sited AP etc. If I dropped dead tomorrow the wife would have zero chance of fixing anything that went wrong, nor would any of the "PC fixers" who advertise locally. Found a nice wall-mountable patch panel from Screwfix of all places

[kitz]

I notice from one of those posts that the op says http://www.dns-ok.us/ is no longer working.

However if they read the page properly  ...  and follow the link on that page, then they should eventually end up with this page which tells them how to check manually.

http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

[tonyappuk]

I'm probably being a bit naive but if your PC is still going to the sites you intend either you haven't been infected or it doesn't matter anyway because your PC is still working. Could some kind erudite soul point out the error in my thinking, please?
Tony

[asbokid]

http://helpforum.sky.com/t5/Sky-Broadband-Setup-Cabling/Cannot-Access-Certain-Websites/td-p/503416

http://helpforum.sky.com/t5/Sky-Broadband-Setup-Cabling/No-broadband-connection/td-p/498132

http://helpforum.sky.com/t5/Sky-Broadband-Setup-Cabling/Blocked-Sites/td-p/502048

There's no doubt more of them, I cba telling them how to fix the problem. Maybe this will be a lesson for them but I doubt it. Some people are just too stupid to have anything other than the "Janet & John" version of the internet

Aha!  I think you solved another mystery!

The end user in the first thread was instructed to use Google's DNS server ( 8.8.8.8 )   

If users by their thousands follow the same instructions, that's maybe why Google's DNS servers suddenly ground to a halt?!

Reading between the lines <warning: conspiracy theory follows>..

Google is not entirely pleased by the extra load this viral remedy is placing on their name-servers 

And to encourage users to push off and find their own DNS settings, the $200bn giant has intentionally introduced a 10,000ms latency on DNS resolution!

<no proof of that, of course!>

cheers, a

[kitz]

>>> The end user in the first thread was instructed to use Google's DNS server
>>> If users by their thousands follow the same instructions, does that explain why Google's DNS servers suddenly ground to a halt?!

Hmmmm.. you have a very valid point there, google DNS has been very icky over the past couple of weeks, I guess you have just pointed out the obvious reason why.