What steps are you taking to address DNSChanger concerns?

rousseau

Most of us have been aware of DNSChanger malware for quite a while, but apparently it has just entered the mainstream consciousness. I say this because we have been getting request after request to "check my computer for the DNS virus". All of the machines on our network are fine, but even when we tell people that, we get a lot of request to check the individual machine "to make sure". We don't have the time or people to make a personal visit to everyone just to pat them on the shoulder and tell them everything is fine. Now, I'm not saying there isn't valid concern about DNSChanger. In fact, I think it is a very clever bit of mischief. Bad, but clever. It's amazing to me how hard it is to get people to follow basic security practices, but when they see something on TV about their computer not working after July the freak-out begins. Maybe I just work at Paranoid, Inc., I don't know. Are other companies running into this, and if so, what steps are you taking to address concerns and stop spending excessive time on the issue?

Topic: Security
Answer this Question

Answers

2 total
jimlynch
Vote Up (18)

Canada has an online tool that will check to see if a user's computer is infected by DNSChanger malware:

http://www.dcwg.org/cira-develops-online-dnschanger-malware-checker/

"The Canadian Internet Registration Authority (CIRA), in collaboration with Public Safety Canada and the Canadian Radio-television Telecommunications Commission (CRTC), has developed an online DNS Checker to screen users’ computers for the DNSChanger malware.

CIRA says the free online tool lets Canadian Internet users to detect if their computer is affected by the DNSChanger malware.

The DNSChanger Trojan horse could change the DNS server settings on infected computers and divert traffic to rogue servers. The malware was cross-platform, and was said to have affected millions of PC and Mac systems worldwide, over half a million of them in the U.S.

The FBI began working with several foreign governments on Operation Ghost Click, eventually arresting several alleged perpetrators."

dblacharski
Vote Up (11)

Probably the easiest thing to do is send out a mass internal e-mail directing everyone to the website that tells users if their computer has a DNSChanger issue. It is super simple, they will see a nice comforting message on their screen, and will probably stop worrying about it. Also, it will let them know if by chance they do happen to have the malware installed. www.dcwg.org.

Ask a question

Join Now or Sign In to ask a question.
Now that BlackBerry has fallen significantly behind Apple and Google in the race to offer features and third-party apps for its smartphones, the company is concentrating on providing devices that, it claims, have the strongest available security -- the killer feature for the enterprise.
Today's hotels are unfortunately vulnerable to types of attempted fraud. Here's how to keep data safe when you travel.
U.S. Senator Patrick Leahy has introduced a new version of a bill to rein in the National Security Agency's bulk collection of U.S. phone records in an effort to strengthen legislation that passed the House of Representatives this year.
The IT infrastructure of the National Research Council of Canada was recently compromised by highly sophisticated Chinese state-sponsored hackers, the Canadian government said Tuesday.
The majority of Android devices currently in use contain a vulnerability that allows malware to completely hijack installed apps and their data or even the entire device.
U.S. and EU privacy and consumer groups called on privacy regulators to stop Facebook's plans to gather the Internet browsing patterns of its users while they visit other sites.
A configuration problem in Facebook's popular Instagram application for Apple devices could allow a hacker to hijack a person's account if they're both on the same public Wi-Fi network.
Questions abound over sites authenticating users via identities established through social networks, Yahoo Ponemon Institute survey shows.
Attackers are exploiting a vulnerability in distributed search engine software Elasticsearch to install DDoS malware on Amazon and possibly other cloud servers.
Vulnerabilities in the Tails operating system could reveal your IP address, but you can avoid trouble by taking a couple of precautions.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness