A daily newsbrief journal and resources for democrats across the globe

Skip to content



NAVIGATION MAIN MENU

COMPENDIUM LIBRARY/TWITTER MONITOR
VIDEO GALLERY
Economic News
Newsbrief Archives
Democrat Leadership Twitter and Realtime Feeds
Cabinet twitter and realtime feeds
North America weblog
International weblog
Democrats twitter directory
Latest Government Jobs and Public Tenders
Jobs Matrix
Global Travel Information
Pop Entertainment Forum
Start Portal

Please make a donation to support upkeep of the daily news journal, back archives, twitter feeds and the compendium library.










US-CERT Current Activity

Daily newsbrief journal for February 2012, also see http://www.usdemocrats.com/brief for a global 100-page perpetual brief and follow twitter @usdemocrats
Post a reply


US-CERT Current Activity

Postby admin » Thu Feb 23, 2012 8:07 am

US-CERT Current Activity

DNSChanger Malware

Original release date: February 23, 2012 at 9:27 am
Last revised: February 23, 2012 at 9:27 am


In November 2011, U.S. Federal prosecutors announced Operation Ghost
Click, an investigation that resulted in the arrests of a ring of
seven people who allegedly infected millions of computers and
DNSChanger malware.

The malware may prevent users' anti-virus software from functioning
properly and hijack the domain name system (DNS) on infected systems.
Systems affected by DNS hijacking may send internet requests to a
rogue DNS server rather than a legitimate one.

To prevent millions of Internet users infected with the DNSChanger
malware from losing Internet connectivity when the members of the ring
where arrested, the FBI replaced rogue DNS servers with clean servers.

However, the court order allowing the FBI to provide the clean servers
is set to expire on March 8, 2012. Computers that are infected with
the DNSChanger malware may lose Internet connectivity when these FBI
servers are taken offline.

US-CERT encourages users and administrators to utilize the FBI's rogue
DNS detection tool to ensure their systems are not infected with the
DNSChange malware. Computers testing positive for infection of the
DNSChanger malware will need to be cleaned of the malware to ensure
continued Internet connectivity.

Users and administrators are encouraged to implement the following
preventative measures to protect themselves from malware campaigns:
* Maintain up-to-date antivirus software.
* Do not follow unsolicited web links in email messages.
* Configure your web browser as described in the Securing Your Web
Browser document.
* Use caution when opening email attachments. Refer to the Using
Caution with Email Attachments Cyber Security Tip for more
information on safely handling email attachments.
* Implement best security practices as described in the Ten Ways to
Improve the Security of a New Computer (pdf) document.

Relevant Url(s):
<http://www.us-cert.gov/reading_room/TenWaystoImproveNewComputerSecurity.pdf>

<https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS>

<http://www.us-cert.gov/reading_room/securing_browser/>

<http://www.us-cert.gov/cas/tips/ST04-010.html>

====
This entry is available at
http://www.us-cert.gov/current/index.ht ... ck_malware
admin
Site Admin
 
Posts: 82092
Joined: Fri Nov 27, 2009 7:00 am
Top
Post a reply

Return to February 2012

Who is online

Users browsing this forum: Majestic-12 [Bot] and 15 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group phpbb3 review personal hosting
cron