What steps are you taking to address DNSChanger concerns?
Most of us have been aware of DNSChanger malware for quite a while, but apparently it has just entered the mainstream consciousness. I say this because we have been getting request after request to "check my computer for the DNS virus". All of the machines on our network are fine, but even when we tell people that, we get a lot of request to check the individual machine "to make sure". We don't have the time or people to make a personal visit to everyone just to pat them on the shoulder and tell them everything is fine. Now, I'm not saying there isn't valid concern about DNSChanger. In fact, I think it is a very clever bit of mischief. Bad, but clever. It's amazing to me how hard it is to get people to follow basic security practices, but when they see something on TV about their computer not working after July the freak-out begins. Maybe I just work at Paranoid, Inc., I don't know. Are other companies running into this, and if so, what steps are you taking to address concerns and stop spending excessive time on the issue?
Answers
Probably the easiest thing to do is send out a mass internal e-mail directing everyone to the website that tells users if their computer has a DNSChanger issue. It is super simple, they will see a nice comforting message on their screen, and will probably stop worrying about it. Also, it will let them know if by chance they do happen to have the malware installed. www.dcwg.org.
- Share this answer
- Permalink
Related Questions
When was your last computer infection/affliction? Can you describe what happened, and how you fixed it? Malware attacks are getting more...
It seems more and more common for site such as Facebook (and by that I really mean primarily Facebook) to be used as a vehicle for...
TDSS has been used by attackers again and again over the past couple of years. We had a problem with TDSServ and it was a royal pain to...
There have many stories about Duqu, and how sophisticated of a security threat it is. It has been on TV news, in tech magazines, pretty...
Has Malware and botnet development become a "legitimate" storefront operation? I find it shocking that malware is freely available for...
Ask a question
White Papers & Webcasts
White Paper
Bullet-Proof Your Enterprise Linux Environment
White Paper
How to Avoid the High Cost of Security Audits
White Paper
Business Assureance Technology Infographic
See more White Papers | Webcasts
Canada has an online tool that will check to see if a user's computer is infected by DNSChanger malware:
http://www.dcwg.org/cira-develops-online-dnschanger-malware-checker/
"The Canadian Internet Registration Authority (CIRA), in collaboration with Public Safety Canada and the Canadian Radio-television Telecommunications Commission (CRTC), has developed an online DNS Checker to screen users’ computers for the DNSChanger malware.
CIRA says the free online tool lets Canadian Internet users to detect if their computer is affected by the DNSChanger malware.
The DNSChanger Trojan horse could change the DNS server settings on infected computers and divert traffic to rogue servers. The malware was cross-platform, and was said to have affected millions of PC and Mac systems worldwide, over half a million of them in the U.S.
The FBI began working with several foreign governments on Operation Ghost Click, eventually arresting several alleged perpetrators."