Ipswitch Blog

DNSChanger Malware – Are you afraid you’ll lose Internet access on March 8th?

| February 23, 2012 | Network Monitoring

Over 450,000 computers – including half of the Fortune 500 companies and over 50% of government entities – are still infected with the DNSChanger malware. Don’t be one of them! 

As you’ve probably heard (or maybe even experienced) the DNSChanger is a Trojan horse that changes the DNS settings on computers and routers to send users to malicious sites, which then steal personal information and generate illegal ad revenue for the scammers (we’re exhausted just thinking about it). In November 2011, the FBI took over the botnet’s rogue servers and replaced them; however, on March 8th the FBI will be shutting down the servers they put up in replacement of the rogue ones.

On March 8th, any machine still infected with the malware will be unable to get on the Web, send emails, or do anything else online. Luckily, WhatsUp Gold can help!

Flow Monitor will detect if any devices are still infected on your network. You can build a group containing the IP addresses listed below, and then add an alert for DNS traffic to this group. If you are infected with the DNSChanger, you can then run a report for all infected devices.

Potentially Rogue DNS Servers 

–85.255.112.0 – 85.255.127.255

–67.210.0.0 – 67.210.15.255

–93.188.160.0 – 93.188.167.255

–77.67.83.0 – 77.67.83.255

–213.109.64.0 – 213.109.79.255

–64.28.176.0 – 64.28.191.255

 

Take action before it’s too late – Find out if any of your devices are infected with your free 30-day trial of WhatsUp Gold!

How IT Pros Can Save 30 Minutes a Day

How IT Pros Can Save 30 Minutes a Day

Implementing Compliance for Data Privacy in Regulated Industries

Free Webinar: Implementing Compliance for Data Privacy in Regulated Industries

Leave a Reply

Your email address will not be published. Required fields are marked *

Ipswitch Blog

This post was written by Ipswitch Blog

Ipswitch helps solve complex IT problems with simple solutions. The company’s software has been installed on more than 150,000 networks spanning 168 countries to monitor networks, applications and servers, and securely transfer files between systems, business partners and customers. Ipswitch was founded in 1991 and is based in Lexington, Massachusetts with offices throughout the U.S., Europe, Asia and Latin America.