I don’t know about you, but I find this funny as hell, and I’m expecting a very good laugh soon ;D
Apparently DNSchanger was widows malware that changed windows DNS network settings so an affected PC would connect to bogus DNS servers, which were resolving entered URL’s to the IP’s of malicious sites.
The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.
Under a court order, expiring July 9, the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.
The FBI with the help of European agencies arrested the people who were running the DNS servers, and so that the millions of affected machines weren’t immediately disconnected from the internet, they replaced the DNS servers with correctly configured ones.
Problem is, the FBI are now saying they are finding the running of the “real” DNS servers too expensive … so are going to pull the plug on the 9th July 2012 (they were originally going to pull the plug in march, but revised the date).
Reversing the changes made by DNSchanger is very easy, there are plenty of tools for automatically removal available … though the FBI say that the number of affected machines has dropped sharply from “millions”, there still appears to be 350,000 machines affected.
My first reaction would have been “serves them right for using windows” but then I realised that there is no mention in that article (first link)
of Windows as such. Just PC, which would imply all computers could be infected. It neglects to tell that this virus is only affecting Windows machines.
You are right of course.
But I have no problem with recognizing the issue at hand. My concern is that (most of) the mainstream press
is reporting it in a way that the Microsoft OS is not implicated in any way as being the only OS that is vulnerable.
Is this a “being nice” to Microsoft or it is “being ignorant”.
Ahh … I see your point. (sorry, I must have been having a thick moment there)
I’m going to give them the benefit of the doubt, and assume they consider it a non-question in a “of course it’s a Windows virus, aren’t they all” kind of way
get ready for the fallout from the computer challenged facebook & twitter addicts-look how bad it is whenever facebook especialy has technical work and shuts temperarily.
itll be mass rage/cigarette huffing/withdrawals,and confusion overall due to not being able to draw completely unrelated pictures on the ‘draw something’ app,update their status and the rest of that crap.
but then both us hobby and profesional techies will be on the end of it,required to jump at the request of their demand no doubt,have always charged a can of redbull per fixing whatever problem it is,no one ever does it so they can do it themselves.
this win virus sounds like the next ‘ms blaster’ if anyone remembers that.
Not just me that rants about about the fekbook aficionados then
Can of Redbull for rootkit removal … you’re cheap … I know this particular rootkit is quite an easy fix, but it’s only easy if you know how … they’re paying for a skill they don’t possess … and this is one piece of malware they’ll not be able to ignore, I say “make em pay”, Mwuhahahah :o
If anyone is using windows (or dual boot) and wants to know if the DNSchanger' is affecting there pc. apparently opendns’ will pick it up. http://www.opendns.com/
