Monday, September 1, 2014
DNSChanger Malware and Effect Internet Access
DNSChanger Malware and Effect Internet Access - The last few days reporting about malware (virus) DNSChanger so many scattered in both security and technology blog. This is reasonable because the start date of July 9, 2012, the computer is hit by this malware will not be able to access the internet. Pahadal there are still hundreds of thousands of computers are still infected.
What is a DNSChanger Malware?
DNSChanger is a kind of malware (virus) are widely spread on the internet since about 5 years. Malware is changing the setting DNS (Domain Name System) computer or other internet access device so that when we visited the website address, we will be redirected to different websites (such as the web contains a lot of advertising). With such techniques it is reported that malware makers have made millions of dollars.
Malware is created by some cybercriminals from Estonia, who on November 8 last year they had been arrested in "Operation Ghost Click" by the FBI, NASA-OIG and the Police Estonia (www.dcwg.org). But despite this malware makers have been arrested, the effect is still quite a lot, because malware itself has a lot to spread on the internet. The following picture of the number of infected computers by country.
DNS (Domain Name System) itself is a system created to facilitate us to remember the address of a website. For example, when we want to open www.google.com, the actual IP address / Internet Protocol (IPv4) is 173.194.38.162 (we can just type this IP address in a web browser). But how much trouble when it wants to open web we have to type in any IP that way. Therefore made ??DNS to translate domain names into IP addresses web. So that when we open google.com, the DNS will translate into an actual IP address.
When the DNS settings have been changed by a virus (malware), so when typing in google.com, we would not necessarily lead to an actual website.
July 9, 2012
Whats wrong with this date? During the deployment of DNSChanger is a result of so many, the FBI made ??a temporary DNS server for counteracting the effects of this malware. So that the computer is infected with DNSChanger still can use internet access, browsing and other access. But starting on July 9, 2012 (more or less exactly at 11:00 pm / GMT +7) The FBI will shut down the server that had been made??. Consequently, if a computer is infected, automatically after that date will not be able to use the internet.
Tips Checking and Correcting
How to know that our computers are infected with DNSChanger malware or not? To check out, pretty easy. Open one of the following websites:
- DNS-ok.us
- DNS-ok.de
If we get a web interface with the background color of green, it means that your computer is safe from this DNSChanger Malware infection. But if the color red, the computer is infected kite, and possibly after the date (day), we will not be able to access the internet.
If the computer is infected, its been a lot of small tools or software that we can use to repair or remove this malware. One of them use artificial tools which can be downloaded from Avira this link AviraDNSRepairEN.exe (1:22 MB). In addition to these tools there are many other alternatives that could be used, more able to see this website www.dcwg.org / fix
Once the computer is cleaned of malware, not necessarily the work was in order. Because the DNS settings or settings that caused by the virus, probably still has not changed and maybe we need to change to manual settings. To change the DNS settings on the computer, we can read the steps on google about the use of public DNS.
Alternatively, we can also change your own DNS to use OpenDNS addresses (208.67.222.222 and 208.67.220.220) or using a DNS server from google (8.8.8.8 and 8.8.4.4). If after the change can still access the internet, probably because we use the Internet access through the Router. If we can access the router, we can reset the configuration to go back to the beginning.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment