Computers Infected By 'DNS Changer' Trojan Malware Will Lose Internet Access Monday

From: "meagain"

The same iscreant who had ESTDomains created the DNSChanger trojan. The DNSChanger trojan (sometimes protected with a rootKit) would alter the DNS Table of computers and poorly or insecure SOHO Routers.

The malicious DNS Servers were setup in the following ranges...

93.188.160.0 ~ 93.188.167.255 77.67.83.0 ~ 77.67.83.255 85.255.112.0 ~ 85.255.127.255 213.109.64.0 ~ 213.109.79.255 67.210.0.0 ~ 67.210.15.255 64.28.176.0 ~ 64.28.191.255

The US FBI took over DNS Servers at those address spaces. It is those that were shutdown.

If a victim had been infected with the DNSChanger trojan then their IP addresses in the DNS Table woould have been altered to addresses within that space. If a victim had not corrected their respective systems prior to the FBI's takedown of the servers then those who had been using them would no longer perform name to IP address resolution and then all DNS calls from an affected computer would have gone unanswered.

From the POV of an infected/affected user, all other DNS servers on the 'net is a moot point.

Reply to
David H. Lipman
Loading thread data ...

In my case, about the same time as my tongue, and somewhat earlier than my teeth.

--=20 Robin Bignall Herts, England=20

Reply to
Robin Bignall

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.