FBI sets July 9 deadline to clean DNSChanger malware
Hundreds of Thousands May Lose Internet in July
These headlines in leading new-papers, sound too good to be true, eye catching and rings alarm bells. For past few days, similar content is making rounds all across the internet, tweets being getting retweeted, and links going viral.
As the D-Day approaches, in this case – 9Th July 2012, more and more security researchers asking everyone to take seriously the threat posed by DNS-Changer Bot. Doesn’t this name sound familiar? Well yes, a few months ago I had blogged about DNS-Changer Bot.
In the previous blog, I had not only mentioned about DNS-Changer but also about few other attacks
2: CPE based DNS Attack which we had witnessed in India.
The above-mentioned attacks, including DNS-Changer Bot attack, depend on messing around with DNS – Domain Name Service. The hacker/ malware authors set up fake DNS servers with fake DNS entries pointing to their own servers serving fake content, the payload of the content may vary from Click-Fraud to Drive-by Downloads.
Providing a solution for DNS-Changer was not our prime task, but to ensure that all the issues which have been outlined, are taken care of, as they are all similar in nature with varying degrees of differences but their end-result is always the same.
Once again, let me assure to you that, users of eScan need not worry about DNS-Changer or about Cache Poisoning or CPE based DNS attacks.
Download the MWAV toolkit from here , which will take care of a lot of things for you along with the dreaded DNS-Changer Botnet.
One more thing, since, so many users are being affected by DNS Changer bot, that would mean,
1: Users are blissfully unaware or
2: Their Antivirus doesn’t take care of this issue.
Either ways, it is the human perception of staying comfortable when all things are working right. In this case, FBI seeking extension from US Court to keep the standby DNS servers alive, ensuring that sites are accessible without any glitch.
As long as FBI keeps on getting the extension, this issue is never going to get resolved, unless and until some drastic steps are initiated, e.g. users being redirected to the warning page.
Google has taken onto itself to notify the users infected by this bot. They are now displaying prominently on top of their search results, a message explaining about the infection, in case the search has been initiated from an infected system.