Log In | Register
PHOENIX -- Imagine trying to get online and finding out you've been cut off from the Internet.
It's expected to happen to millions of unsuspecting computer users because of something referred to as the Internet kill switch.
It all started with six guys in, of all places, Estonia in Europe, who infected more than 4 million computers worldwide, half a million in the United States.
Half Million Internet Users Could "Lose Access in Coming Months"
Seeded on Thu Feb 23, 2012 1:59 PM EST
Article Source: azfamily.com
- Enjoy this article? Help vote it up the 'Vine.
- Public Discussion (32)
If your computer's DNS settings falls between any of the following ranges, the FBI says you have DNSChanger Trojan:
85.255.112.0 through 85.255.127.255
67.210.0.0 through 67.210.15.255
93.188.160.0 through 93.188.167.255
77.67.83.0 through 77.67.83.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.25The FBI has also published a guide to performing the self-check.
Please read article and there is also a video..............
TDR
- 7 votes
#1 - Thu Feb 23, 2012 2:04 PM ESTimo, respectfully,
bull@!$%#.
- 6 votes
#3 - Thu Feb 23, 2012 3:04 PM ESTIt seems to be on the FBI site linked in the article, but do a search on this and everything shows up in 2010 or earlier. Go to Symantec or Secunia and if anything shows up it is old.
- 2 votes
Nope, real. MSNBC has an article on it.
http://www.msnbc.msn.com/id/46501504/ns/technology_and_science-security/
- 1 vote
let me rephrase.
the FBI and their bull@!$%#.
sidenote: because msnbc has an article, this is 'real'?... please, its called strategic propaganda, until they realize how damn stupid they are, and then they try to make it a 'reality', and screw the pooch further... many examples to choose from, just look.
- 3 votes
Well thanks for the heads up. I guess I thought that this was something evil because of the FBI listing. But it's just a virus I guess.
- 2 votes
Is this type of exploit possible? Absolutely.
Is too large of a majority of info from the FBI, homeland insecurity, DEA, and other 3 letter agencies highly suspect as to motive? Even more abso-fricken-lutely.
The government has already stated an interest and intent in finding ways to shutdown the internet and social media sites. Controlling access to information, for ANY reason, must always be questioned as to motive. Under the cover of darkness, the foulest of deeds are much easier to attain. I think that too much has been hidden already by those who like the darkness.
It is much easier to frighten, and control, a scared populace. Fear mongering for the sake of power/control must be able to withstand the touch of light before it can have any true value. Too many times has a little bit of fear been used to take away rights, freedoms, and liberties from the citizens. This sounds like a combination of fear mongering mixed with old news.
I was still newsworthy even if it needs to be looked at with a grain of skepticism. Thanks for the post DR.
- 2 votes
roadhead - Thanks for a well articulated post that reflected what most of us on this thread were referring to.
- 1 vote
Thanks Desert for the info. I will look into it.
Curiouser and curiouser!
Alice from Alice in Wonderland
- 1 vote
#4 - Thu Feb 23, 2012 3:28 PM ESTSo the half million that will lose access will be the ones dumb enough to not have antiVirus software and yet still go to questionable sites. I'm not losing sleep over this.
- 3 votes
#5 - Thu Feb 23, 2012 4:02 PM ESTSo the half million that will lose access will be the ones dumb enough to not have antiVirus software
Many have av but don't realize if they don't keep it updated or pay to keep getting updates, the software doesn't help much.
still go to questionable sites.
That's a common misconception. You can pick up malware from any webserver if the person maintaining it isn't vigilant with its security and av updates. Even then, it can still get infected by new malware and thus infect visiting PCs.
- 3 votes
If you'd like me to revise my opinion to say "you don't have antiVirus software" I'm good. The point is the people who get hit with these virus attacks should have protection.
- 1 vote
...and my point is many believe they have av protection when they don't. It is an educational issue.
My other point is that even with av protection, a PC can become infected. Many can fall victim before the av companies are able to update their protection.
My post was not meant to be a criticism of your post.
- 3 votes
No worries - I didn't feel criticized. We all know even a good AV can miss a virus especially if it's new. But we've been through this before and the world will not come to an end.
- 1 vote
Here's a better link
Brian Krebs published this request for extension by the FBI to continue to operate “clean DNS” servers for another
120 days. The ISC.org team has been running DNS servers that return valid results instead of the invalid results the
rouge DNS servers had been returning. The current order that allowed the isc.org team to run these servers for the FBI expires March 8th 2012.http://krebsonsecurity.com/wp-content/uploads/2012/02/dnschangerextension.pdf
The operation was known as “Ghost Click”. We covered it here.
http://isc.sans.org/diary/Operation+Ghost+Click+FBI+bags+crime+ring+responsible+for+14+million+in+losses/11986The isc.edu handlers have written a lot of diaries around dns-changer type malware since 2007.
The requested 120 day extension still needs to be approved by a Judge and would help ISPs that are notifying
customers to notify more customers. Several tools have been shown to assist infected customers clean this up.
Merike Keao from Double Shot Security included a list of tools that help to clean this up in her presentation at NANOG 54.
http://dcwg.org/docs/DNS_Changer_NANOG54.pdf
This presentation has a LOT of good information in it.The DNS-Changer working group has information on how a Service Provider can obtain a list of infected or affected
customers IP addresses here. http://www.dcwg.org/cleanup.html and lots of other good information at dcwg.orgIn addition it appears Estonia may be willing to extradite 6 of the people accused of running the dns-changer network.
http://balticbusinessnews.com/article/2012/2/21/estonian-court-approves-extradition-of-six-persons-to-us-for-cybercrime
- 1 vote
#6 - Thu Feb 23, 2012 4:05 PM ESTIf it's true, then go for a walk outdoors, enjoy a free day and don't pay your bills. Most banks and companies have made us go to a paperless method of payment and record keeping. I wonder if they ever thought of this sort of situation?
- 2 votes
#9 - Fri Feb 24, 2012 4:09 AM ESTmedia propaganda. FBI is scared of what anonymous is doing so they are doing one better. What a joke.
STR
- 2 votes
#11 - Fri Feb 24, 2012 10:03 AM ESTSounds to me like the FBI highjacked a large section of internet traffic. They are most likely the ones who created the virus in the 1st place then they had to cover thier tracks with a judge because they couldn't hide what they did.
- 1 vote
#12 - Sun Feb 26, 2012 11:37 AM ESTYou can access your modem to check the IP address. If you are on a router the address will not appear on ipconfig...
The trojan can access the router if you do not change the user name and password. You can change it easily. Give your home a "name". Use that for the user name. Use something like your phone number or street address for the password.
- 1 vote
#13 - Thu Mar 1, 2012 12:32 PM ESTYou're in Easy Mode. If you prefer, you can use XHTML Mode instead. |
As a new user, you may notice a few temporary content restrictions. Click here for more info.
