PLDT and Smart urge Internet users to check for “DNSChanger” malware on or before July 9, 2012
Are you an Internet user? If so, leading Philippine telco PLDT and its wireless subsidiary Smart are urging you to check if your computer is infected by the “DNSChanger” malware on or before July 9, 2012. More details after the jump.
“If you fail to take action, you may not be able to access Internet websites and use web services like email and search,” said PLDT Smart Spokesperson Ramon Isberto.
What is DNSChanger?
DNSChanger is a globally-distributed malicious software (malware) created in 2007 by a group of Internet hackers. It modifies the Domain Name Server (DNS) settings of an infected computer and diverts users of these computers to servers owned by the hackers instead of accessing the servers of the real websites.
The hackers are thus able to display advertisements of fake or malicious products and direct victims to websites which are also infected with other malware.
Server Shut Down
In 2011, law enforcement agencies from around the world arrested the group behind DNSChanger. To counteract its initial effects, malicious DNS servers were shut down and alternate DNS servers were set up to temporarily replace the malicious servers and give people time to clean up the infection.
However on July 9, 2012, these temporary servers will be shut down rendering computers still infected with DNSChanger unable to access Internet services.
In line with the worldwide effort against the DNSChanger, both PLDT and Smart are asking their subs to check their computers to determine if their devices are infected with the malware. They can do this by following these steps provided by the DNS Changer Working Group (DCWG):
Manual Checking/Detection
Windows
- Click Start
- Open the Command Window
- (For Windows 7) Type cmd at the search bar
- (For Windows XP) Click Run, then type cmd at the bar
- Type ipconfig /all
- Search for the DNS Servers section
Mac OS X
- Click the Apple icon an the top left of the screen
- Select System Preferences
- Locate the “Network” icon
- Read the “DNS Server” line
Ensure that the DNS Servers are not within the following range of Internet Protocols (IPs):
- 85.255.112.0 through 85.255.127.255
- 67.210.0.0 through 67.210.15.255
- 93.188.160.0 through 93.188.167.255
- 77.67.83.0 through 77.67.83.255
- 213.109.64.0 through 213.109.79.255
- 64.28.176.0 through 64.28.191.255
If the DNSChanger is detected, users may then use any of the following software to clean the infection:
- Hitman Pro (32bit and 64bit versions)
- Kaspersky Labs TDSSKiller
- McAfee Stinger
- Microsoft Windows Defender Offline
- Microsoft Safety Scanner
- Norton Power Eraser
- Trend Micro Housecall
- MacScan
- Avira’s DNS Repair-Tool
Alternatively, subscribers may also visit the following sites to their system checked automatically
For more information on DNSChanger, visit the official DCWG website at www.dcwg.org.
No comments: