Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2012
    S M T W T F S
    « Jun   Aug »
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for July 5th, 2012




    As we said about a month ago, the shutdown of the DNS servers that still serve victims of the Esthost/Rove Digital cybercrime gang is imminent. Given the time that has passed since the original arrests, you’d think that this wouldn’t be a problem anymore. However, according to the DNS Changer Working Group more than 300,000 users are still infected with DNS Changer malware, all of whom will lose Internet access once the clean servers are turned off for good this Monday.

    Let’s take a step back and remember why DNS changer malware is still a significant problem today. DNS changer malware changes the user’s preferred DNS servers from their preferred settings to malicious servers under the control of the attacker, allowing any and all of the user’s Internet access to be hijacked.

    DNS changer malware was the primary tool of the Esthost/Rove Digital gang; when it was taken down in late 2011 we believed a total of 4 million users were affected. The gang primarily used this to carry out clickfraud, which involved redirecting sites and searches so that the syndicate were able to defraud search providers and advertisers.

    As part of the FBI operation, the DNS servers were replaced by clean servers for the benefit of these users (as they would have instantly lost Internet access without warning otherwise.) These clean servers will be turned off on July 9.

    For complete information about DNS Changer – such as how to find out if you’re infected, what to do if you are, and the secrets behind the Esthost/Rove Digital gang, you can visit our DNS Changer portal, which you can visit by clicking the banner below:

     
    Posted in Bad Sites | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice