Hasta La Gadget!

People are understandably concerned about viruses anywhere online today. People know they can pick up a virus from some of their favorite websites if they aren’t careful. Facebook has now begun directing users who fear their computers might be infected to websites where they can download free antivirus software proactively.

Facebook has opened a Malware Checkpoint for Facebook, and it sends people to one of two places. The checkpoint recommends people sign up for Microsoft Security Essentials or McAfee Scan and Repair. Mac users who hit the Malware Checkpoint are referred to the Apple Security Updates website.

Facebook has been notifying site users for a long time if it detects a possible malware infection on their individual machine. It has been linking users to free antivirus software to clean up suspected infections. The big change here is that Facebook is now opening the Malware Checkpoint to all users, whether or not an infection is detected on their computer.

[via CNET]

Facebook directing users to free antivirus offerings is written by Shane McGlaun & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Over the past week or two, we’ve been following the DNSChanger or “Internet Doomsday” saga as the final day approached – today – and now it’s time to take a head count for what’s actually happened. Despite the name, this doomsday didn’t actually affect very many computers at all. In fact, according the the folks at DCWG and their study of the infection over the last couple of years, we’d just reached the lowest number of infections per DNS Top Level Domain Country Code in the history of the virus.

The number of unique IP addresses DCWG found with the DNSChanger infection was 551,436 back on the 8th of November, 2011. Fast forward to yesterday (the 8th of July, 2012,) and the number had dropped to 210,851. According to country code, the USA returned the most hits for IPs with the infection at 41,557 just yesterday while only Italy, Great Britain, and Germany had over 10,000 racked up.

There will be monitoring of IP addresses that have been affected and subsequently claimed clean, of course, to make sure they aren’t hijacked once more. The DCWG’s job does not end here, but the IP addresses listed at their site: Cleaning Ends will now be monitored by several Service Provider and Security Organizations – that’s what’s included in the future checking to assure no more malicious hijacking.

And in the end, if you’re reading this from your computer connected to the internet, you weren’t infected anyway. So happy day for you! Have a peek at our timeline below to follow the whole saga as it unfolded this summer – and stay tuned for more!

DNSChanger: By the Numbers is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Today’s malware has a deadline: get rid of DNSChanger now, or come Monday, July 9, you may find yourself without access to the internet altogether. Hundreds of thousands of computers around the world have been infected by the trojan, which changes DNS settings – among other things – so as to route web traffic through compromised servers. Now, the FBI is preparing to pull the plug on those servers – and many people’s internet connection with them.

Since the FBI and other law enforcement agencies seized control of the botnet behind DNSChanger, a temporary DNS server network has been running in its stead so as to keep infected users online. That network will cease operating on Monday.

“The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet” DNSChanger Working Group

The best news is, checking for a DNSChanger infection on your system and, if found, getting rid of it is straightforward. First step is heading to dns-ok.us in your browser: that will tell you whether or not there’s a sign that your computer has been infected. If it’s green, you’re in the clear (though it’s probably still worth forwarding this article on to friends and family – particularly net-confused parents – who might need some assistance checking their own machines).

If it’s red, however, you have a DNSChanger problem. Thankfully there are multiple options to get rid of it: Microsoft has a tool, as do key anti-virus vendors such as McAfee and Norton. There’s a full list of them here, and usually it’s just a case of downloading and running an app to get your computer back on an even keel.

PSA: Evict DNSChanger now or lose the web Monday is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Hundreds of thousands of people around the world could lose access to the Internet on July 9 when the FBI plans to kill temporary servers servicing victims of a virus. That virus is called DNSChanger, and the FBI plans to shut down the temporary DNS servers that were being used to assist victims of the Internet theft ring. Any computer that still uses the servers won’t be able to go online starting July 9.

Before people with infected systems will be able to get back online, they will have to clear the computer of the DNSChanger virus. The shutdown of the temporary servers is the final move in an FBI operation called Ghost Click that spanned two years and officially ended in November 2011. The virus changed victim’s DNS servers, routing them to websites of the hacker’s choosing.

Some of those websites were fraudulent in nature according to authorities. Six Estonians behind the fraud ring were arrested by the FBI during the course of the investigation. The virus was originally disseminated via traditional channels, including e-mail and malware. The FBI had replaced the hacker’s nefarious servers with “clean” servers to keep PCs infected by the virus online.

[via CBC]

FBI to kill servers supporting DNSChanger virus victims is written by Shane McGlaun & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

NICT has developed Daedalus, a cyber-attack alert system.
Daedalus renders attacks on networks visible in real time. The sphere in the center represents the Internet, and the circles moving around it represent networks under observation. The state of an attack is shown using 3D graphics, and can be viewed from any perspective.
“We previously created a system called nicter for observing cyber-attacks. We also built an observation network in Japan, called the Darknet Observation Network, to …