*9th July - The Internet Doomsday* A malware named DNS changer infected 250,000 users...

Status
Not open for further replies.

ankit.kumar010203

Journeyman
*3.bp.blogspot.com/-niuprSEbLTQ/T_heY0BxDkI/AAAAAAAAAQc/lvzqEZML9ag/s1600/internet-doomsday+dns+changer+malware.jpg

It is reported that by 9th July, Monday 250,000 users will loose access to internet. A virus named DNS changer has infected the users. FBI warns that if not cured these users will loose internet access by this date.

The malware, DNS changer, is based on basic internet principle called DNS (Domain Name System). When we open the a link then firstly it is converted to numerical address called ip address and then the page is loaded from the page servers. Without DNS and DNS servers operated by internet service providers users would be unable to browse internet, send emails etc. Now what this virus does is that it infects the users so that when they open a link, they are redirected to the servers of these infectors who earn billions of dollars for this.

As reported by the FBI on their site, they caught the criminals and cleaned up their servers but did not close them. They announced 9th of July as the date to close these servers so that in the meantime users can cure themselves from this malware. The servers were temporarily cleaned and left to work so that the infected users can fix their computers and do not loose internet access suddenly. Now on 9th of july when these servers will be shutdown then every infected user will not be able to access the internet and Internet Doomsday will come.

On 4th June facebook also announced to do it's part and save users from this malware before the 9th july by creating awareness and warning them. Below is the image which facebook shows when a user is infected with this virus.

*2.bp.blogspot.com/-tyVrDe5u7cM/T_helxDgyaI/AAAAAAAAAQk/Z_OX4VTgMfs/s1600/facebook+part+to+save+people+from+internet+doomsday+and+dns+changer.jpg

As predicted, 2012 will really prove to be a year of judgement and 9th of july as the doomsday. If you want to check whether you are infected with this malware then you can visit: DNS Changer Check-Up - Clean
If you are luck then you will see an image like this:
*1.bp.blogspot.com/-xH5SVrvmlSs/T_he2xkXEnI/AAAAAAAAAQs/L70DeNgzZGs/s1600/dns+changer+checking+up+the+internet+access.PNG
 

mitraark

Decrepit
Did they modify the hosts file ( that would be too simple ) , couldn't find any mention in the OP post that only Windows users will be affected.
 

Hrishi

******************
Did they modify the hosts file ( that would be too simple ) , couldn't find any mention in the OP post that only Windows users will be affected.

The criminal replaces the USER's default DNS server provided by his ISP to a rouge DNS server (which is now being cleaned up ).This rogue DNS server was probably setting a redirect to their profitable fraudulent website.

Well that is pretty simple case for the users who have not changed the default login credentials for their routers.
I think the malware tries to ( brute-force/hit and trial with default password ) and log into the ROuter or DHCP server of the victim.
It will then modify the DNS and DHCP settings at the victim's end.

Here is a list of rogue DNS servers obtained from FBI, compare them with your DNS server setting.

"85.255.112.0 through 85.255.127.255
67.210.0.0 through 67.210.15.255
93.188.160.0 through 93.188.167.255
77.67.83.0 through 77.67.83.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.255 "
.
 
Last edited:

Hrishi

******************
That doesn't matter. Because this malware affects DNS Servers not your PC :p

So if DNS Server is down, you be on Linux or Mac or Windows, it doesn't matters, you won't be able to access internet.

The best way is to secure your router's administration control panel.
At least change the default password.

Well in case if its a virus that resides on the rogue DNS servers then you are very much correct.
However if they have release a local malware too which infects individual host then Linux users might be safe.
 

Desmond

Destroy Erase Improve
Staff member
Admin
I smell conspiracy. Probably something to do with SOPA/PIPA.

On topic: No problem, go out and hangout with friends in REAL social networking. You still know what that is, don't you?
 

topgear

Super Moderator
Staff member
it won't be a "Doomsday" - I'm sure about this and like hsr's pic on post #6 - even I would say bring it on ! ;-)
 

rider

as Kratos
I smell conspiracy. Probably something to do with SOPA/PIPA.

On topic: No problem, go out and hangout with friends in REAL social networking. You still know what that is, don't you?

So, that means not to use internet between tonight's 12:00AM to tomorrow night 12:00 AM
 
Status
Not open for further replies.
Top Bottom