There are news going around in some newspaper that there will be complete blockage of the internet from Eight march.
Well this is not the complete and true story.
Only the users which are effected with the DNS changer Trojan will be facing the Internet blockage and not all the users.
In order to clear some air regarding this, below is the brief description of the working of one of the DNS changer Trojan.
After execution of the sample, it simply changes the default DNS present on the system to some rouge DNS server and delete the copies of itself.
So whenever the user access any site suppose 'Google.co.in", the request is sent to the Rouge DNS server which uses the query to display relevant ads to the query. This is also used to stop the Antivirus from getting update.
FBI in November found one such Rouge DNS network. Taking down these system at that time could have resulted in complete stoppage of internet for those users having the rouge DNS.
FBI replaced the Rouge DNS server with the legitimate ones-- a measure the agency said to be in effect for 120 days [ i.e till Eight March ]. This is done so as to give some time to the infected users to clean up the system.
To verify whether you are infected by DNS Changer Trojan, do check your DNS Server ip [ Run-> Cmd-> Ipconfig /all ]
and if the DNS server's ip falls in between these range, then it is possible that your system is infected with the DNS Changer Trojan.
This is becoming quite a habit in some news media to twist the news in such a way that when read creates panic among its readers.
We kindly request all the users not to trust such news completely and do some research before believing such news.
Quick Heal detects this Trojan as Trojan.DnsChanger.Gen
Source - Posted by Shrinivas on quick heal blog
No comments:
Post a Comment
Thanks for your valuable comment!!