Computers Infected By 'DNS Changer' Trojan Malware Will Lose Internet Access Monday

Zaphod Beeblebrox

On Sun, 8 Jul 2012 15:54:00 -0700, "Gene E. Bloch" wrote:
Part of why the Y2K problem wasn't so bad is that a lot of people,
including me, worked hard to fix a lot of systems beforehand.

They ended up getting scorn instead of credit for their work.

I guess that's better than a world-wide collapse :)
I hear ya, I was also part of the effort to make sure it was a non-
event. Next time, I say we let disaster happen, and become heroes by
saving the world...

Never mind, we'll still get scorn because we didn't prevent it.

Sigh. Don't see how we can win...

--
Zaphod

Adventurer, ex-hippie, good-timer (crook? quite possibly),
manic self-publicist, terrible bad at personal relationships,
often thought to be completely out to lunch.
 
Chris Davies

BobbyM said:
The likelihood of any person being infected by this malware is less than
1/2 of 1 percent.
One in 200? I should hope it's *considerably* less than that.
Chris
 
Barry Schwarz

On Mon, 9 Jul 2012 08:13:19 -0400, Zaphod Beeblebrox

snip
I hear ya, I was also part of the effort to make sure it was a non-
event. Next time, I say we let disaster happen, and become heroes by
saving the world...

Never mind, we'll still get scorn because we didn't prevent it.

Sigh. Don't see how we can win...
Why is this a surprise? Look at the number of people who argue
against vaccinations because "the disease they prevent doesn't occur
that often".
 
Angel

I got one of those calls from someone that they were a Microsoft Tech. That
they were alerted to the malware in my computer. That it was done without my
knowledge. He wanted to fix it for me. No, I did not fall for it. For one
thing, Microsoft Techs don't call you. You call them. I was not born
yesterday!!

"Barry Schwarz" wrote in message

On Mon, 9 Jul 2012 08:13:19 -0400, Zaphod Beeblebrox

snip
I hear ya, I was also part of the effort to make sure it was a non-
event. Next time, I say we let disaster happen, and become heroes by
saving the world...

Never mind, we'll still get scorn because we didn't prevent it.

Sigh. Don't see how we can win...
Why is this a surprise? Look at the number of people who argue
against vaccinations because "the disease they prevent doesn't occur
that often".
 
Gene E. Bloch

Tech support even told me not to change the factory password when
I was on the phone with them once. Change it anyways.
Which company was that? ...If you're willing to say :)

That story sounds to me like a good reason to avoid that company's
routers.
 
Gene E. Bloch

On Sun, 8 Jul 2012 15:54:00 -0700, "Gene E. Bloch" wrote:

I hear ya, I was also part of the effort to make sure it was a non-
event. Next time, I say we let disaster happen, and become heroes by
saving the world...

Never mind, we'll still get scorn because we didn't prevent it.

Sigh. Don't see how we can win...
Yeah. We can't even hope for a plain old zero-sum game :)
 
BobbyM

One in 200? I should hope it's *considerably* less than that.
Chris
Sorry, left out a decimal point. It should be less than 1 in 2000.
This is based on old data, assuming there are 1 billion computers in the
world & using the estimated number of computers that were infected in
Nov 11. There are significantly more computers than that now &
supposedly 100,000 or so fewer infected computers, which would reduce
the odds even further that any particular computer is infected.
 
Adam

Gene E. Bloch said:
Which company was that? ...If you're willing to say :)

That story sounds to me like a good reason to avoid that company's
routers.

No names but it's one of the top selling wireless routers that I recently
bought.
It may have been just that one tech support person's slight oversight.
 
meagain

David said:
They will STILL access the Internet
Yes.

just will not do name to IP address resolution.
No. They will be sent to probably wrong IP!
 
Gene E. Bloch

No names but it's one of the top selling wireless routers that I recently
bought.
It may have been just that one tech support person's slight oversight.
Let's hope :)
 
David H. Lipman

meagain said:
Yes.

just will not do name to IP address resolution.
No. They will be sent to probably wrong IP!
No. The DNS Servers were shut down, thus the DNS calls will go unanswered.
 
danny burstein

David H. Lipman said:
No. The DNS Servers were shut down, thus the DNS calls will go unanswered.
At least one of the big ISPs supposedly [a] will be
redirecting those DNS requests to its own servers.

Which in some ways raises more concerns than it solves...

[a] news reports, for what they're worth, about AT&T
 
meagain

Not true. The "FBI's DNS Servers" were shut down. The rest of the world's DNS servers
continue to work AOK.
At least one of the big ISPs supposedly [a] will be
redirecting those DNS requests to its own servers.
A decent ISP response, but basically unneeded except for customer satisfaction.

Which in some ways raises more concerns than it solves...
[a] news reports, for what they're worth, about AT&T
Such as?
 
Char Jackson

Not true. The "FBI's DNS Servers" were shut down. The rest of the world's DNS servers
continue to work AOK.
FYI, David H. Lipman is quite knowledgeable in this area and is well
aware that it was the FBI-run DNS servers that were being shut down. I
think if you review the context of David's statement above, you'll
clearly see that.
 
David H. Lipman

meagain said:
danny said:
David H. Lipman said:
Not true. The "FBI's DNS Servers" were shut down. The rest of the world's
DNS servers continue to work AOK.
At least one of the big ISPs supposedly [a] will be
redirecting those DNS requests to its own servers.
A decent ISP response, but basically unneeded except for customer
satisfaction.
Which in some ways raises more concerns than it solves...
[a] news reports, for what they're worth, about AT&T
Such as?
The same miscreant who had ESTDomains created the DNSChanger trojan. The
DNSChanger trojan (sometimes protected with a rootKit) would alter the DNS
Table of computers and poorly or insecure SOHO Routers.

The malicious DNS Servers were set up in the following ranges...
93.188.160.0 ~ 93.188.167.255
77.67.83.0 ~ 77.67.83.255
85.255.112.0 ~ 85.255.127.255
213.109.64.0 ~ 213.109.79.255
67.210.0.0 ~ 67.210.15.255
64.28.176.0 ~ 64.28.191.255

The US FBI took over DNS Servers at those address spaces. It is those that
were shut down.

If a victim had been infected with the DNSChanger trojan then their IP
addresses in the DNS Table would have been altered to addresses within that
space. If a victim had not corrected their respective systems prior to the
FBI's takedown of the servers then those who had been using them would no
longer perform name to IP address resolution and then all DNS calls from an
affected computer would have gone unanswered.

From the POV of an infected/affected user, all other DNS servers on the 'net
are a moot point.
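
Added example, not part of the original thread: a Python check of configured resolver addresses (from resolv.conf, `ipconfig /all` output or a router settings export) against the ranges listed in the post above. The function names and the sample resolver lines are constructed for illustration.

```python
import ipaddress
import re

# Ranges exactly as listed in the post above ("start ~ end").
ROGUE_RANGES = """\
93.188.160.0 ~ 93.188.167.255
77.67.83.0 ~ 77.67.83.255
85.255.112.0 ~ 85.255.127.255
213.109.64.0 ~ 213.109.79.255
67.210.0.0 ~ 67.210.15.255
64.28.176.0 ~ 64.28.191.255
"""

def load_networks(text):
    # Convert each "start ~ end" line into the CIDR network(s) covering it.
    nets = []
    for line in text.strip().splitlines():
        first, last = (ipaddress.IPv4Address(p.strip()) for p in line.split("~"))
        nets.extend(ipaddress.summarize_address_range(first, last))
    return nets

ROGUE_NETS = load_networks(ROGUE_RANGES)
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def rogue_network(addr):
    # Return the listed network containing addr, or None (also for invalid input).
    try:
        ip = ipaddress.IPv4Address(addr)
    except ValueError:
        return None
    return next((net for net in ROGUE_NETS if ip in net), None)

def audit_resolvers(config_text):
    # Report (line number, address, matching range) for every flagged address.
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        for candidate in IPV4_RE.findall(line):
            net = rogue_network(candidate)
            if net is not None:
                findings.append((lineno, candidate, str(net)))
    return findings

# Constructed sample input: resolv.conf-style lines with made-up resolver addresses.
SAMPLE = ("nameserver 192.0.2.53\nnameserver 85.255.112.36\n"
          "nameserver 64.28.192.1\nnameserver 64.28.191.255\n")

if __name__ == "__main__":
    for lineno, addr, net in audit_resolvers(SAMPLE):
        print(f"line {lineno}: resolver {addr} is inside {net}")
```

A resolver flagged here points into the address space of the servers that were shut down, so lookups sent to it go unanswered until the DNS settings on the computer and the router are corrected.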
 
