The FBI is on your back - beware! Stay safe with ME
Look who is chasing malware now. It’s the FBI of the United States. After busting all the bad guys in the world (sometimes even inside countries considered friendly to them) they are now on to a new hunt - the deadliest DNSChanger Trojan malware.
This Trojan malware is considered to be the most massive internet fraud ever. The truth is that computers affected by the DNSChanger malware are potentially vulnerable to attacks from other viruses and malware. To understand the enormity of this malware, see what TheHackerNews.com had to say about it (the article).
What really makes this malware big news is that it can block millions of computers from the Internet as early as March 8th.

“The DNSChanger malware was first discovered around 2007, and since this time has infected millions of computers, around 500,000 of them being in the U.S., and through these computers the criminals have reportedly pulled in around $14 million in stolen funds.”
Though the FBI has shut down the fraudulent DNS network, it has set up a temporary DNSChanger Command and Control network, with due consent from the court, to make sure the infected users' computers can continue to access the Internet. This network is nearing its expiry date on March 8th as per the verdict. So, if you use Windows or MacOS, it is advised that you do a complete health check for your system.
To avoid such adversity, the FBI published the list of rogue DNS server addresses, along with instructions to manually check whether your system is infected or not. (The FBI doc)

“…Unless the FBI obtains a new court order allowing them to continue operating the temporary network, the network will be turned off. Resulting in millions of computers, world-wide, no longer being able to access the Internet.” – Source TheHackerNews.com
The list of rogue DNS server addresses published by FBI
- 85.255.112.0 through 85.255.127.255
- 77.67.83.0 through 77.67.83.255
- 67.210.0.0 through 67.210.15.255
- 213.109.64.0 through 213.109.79.255
- 93.188.160.0 through 93.188.167.255
- 64.28.176.0 through 64.28.191.255
Irrespective of whether you are an individual or part of a company, the first thing you have to do is to ensure that the following tasks are completed:
- Secure your Internet gateway, i.e. make sure your router or firewall has the legitimate DNS details provided by your Internet Service Provider (ISP). In other words, your DNS server details should not match any of the server addresses from the rogue DNS server address list.
- Scan your DNS server (for companies), servers and end-user machines for this Trojan and correct them immediately.
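The manual check described above can be scripted. The following is an added example, not ManageEngine's tool or FBI code: it extracts the configured IPv4 resolvers from `/etc/resolv.conf`-style text or English-locale `ipconfig /all` output and flags any that fall inside the rogue ranges listed on this page. The function names and the sample input are assumptions made for illustration.

```python
import ipaddress
import re

# First and last address of each rogue range, copied from the list on this page.
ROGUE_RANGES = [
    ("85.255.112.0", "85.255.127.255"), ("77.67.83.0", "77.67.83.255"),
    ("67.210.0.0", "67.210.15.255"), ("213.109.64.0", "213.109.79.255"),
    ("93.188.160.0", "93.188.167.255"), ("64.28.176.0", "64.28.191.255"),
]
# Collapse every first-last pair into CIDR networks for membership tests.
ROGUE_NETS = [net for first, last in ROGUE_RANGES
              for net in ipaddress.summarize_address_range(
                  ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))]

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
RESOLV_LINE = re.compile(r"^\s*nameserver\s+" + IPV4 + r"\s*$")
IPCONFIG_LINE = re.compile(r"^\s*DNS Servers[ .]*:\s*" + IPV4 + r"\s*$")
CONTINUATION = re.compile(r"^\s+" + IPV4 + r"\s*$")  # extra servers, one per line

def extract_resolvers(text):
    """Return IPv4 resolvers from resolv.conf or English `ipconfig /all` text."""
    found, in_dns_block = [], False
    for line in text.splitlines():
        head = IPCONFIG_LINE.match(line)
        # A bare indented address only counts directly after a "DNS Servers" line.
        cont = CONTINUATION.match(line) if in_dns_block else None
        match = head or cont or RESOLV_LINE.match(line)
        in_dns_block = bool(head or cont)
        if match:
            found.append(match.group(1))
    return found

def rogue_resolvers(text):
    """Return the configured resolvers that fall inside a rogue range."""
    hits = []
    for ip in extract_resolvers(text):
        try:
            addr = ipaddress.IPv4Address(ip)
        except ipaddress.AddressValueError:
            continue  # matched the pattern but is not a valid address
        if any(addr in net for net in ROGUE_NETS):
            hits.append(ip)
    return hits

# Constructed sample: one resolver inside a rogue range, one private fallback.
SAMPLE = """   DNS Servers . . . . . . . . . . . : 85.255.112.36
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled"""
if __name__ == "__main__":
    print(rogue_resolvers(SAMPLE))
```

An empty result only means the host's own settings are clean; a router that hands out a rogue resolver over DHCP has to be checked on the router itself.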
Stay safe with ME – A Free Tool from ManageEngine
We at ManageEngine understand this pain and have come up with a small, quick tool that helps detect whether your system is infected or not, in a second.
All you have to do is download this DNS Checker tool and run it on your system. It will display a popup message with the DNS server details of your system.
What if your system is infected?
Visit Trend Micro’s HouseCall for a free scan and clean-up and notify the FBI by submitting this form. You should also contact your Internet Service Provider (ISP) for advice on restoring your legitimate DNS settings.
To avoid such incidents in future, the FBI also provides guidelines on the following:
- Securing your browser: https://www.us-cert.gov/reading_room/securing_browser/
- Protecting your system against malware and Trojan-recovery guidelines for your system: https://www.us-cert.gov/reading_room/trojan-recovery.pdf
So, stay connected to the Internet and protect your systems from a Trojan attack. Download this tool and do a self-test on your systems now.