DNS Changer – Are You Infected?

Computers Infected with DNS Changer after July 8, 2012
will NOT be able to browse the Internet

Click the following link to see if you are infected:

A GREEN background indicates you are safe and NOT infected.

(Note: The above website may be busy; if it is not responding please try the link below:)
Site 2: A GREEN banner indicates you are safe and NOT infected.

Contact the Service Desk at 617-373-4357 for assistance in detecting or removing DNS Changer.

Background

The DNS Changer malware alters your computers Domain Name Service (DNS) and diverts internet traffic and search results to dangerous and potentially illegal websites. For example, if you are infected and browse to www.google.com, all of your internet traffic would first pass through the malware server before it gets to Google. The malware server would insert malware and other illegal websites in the search results sent back to your computer.

Every day the Office of Information Security logs machines, both Mac OS and Windows, on the NU network infected with DNS Changer.

Fortunately, the criminals behind this malware were caught and their servers were taken over by the FBI. The FBI is currently maintaining the malware servers but not infecting the network traffic with malware.

On July 9th, 2012 those servers will be taken offline. Any computer that is still infected after this date will still try access domain names through the malware server but hit a dead end.

For example, you will not be able to browse to http://www.northeastern.edu. Instead you will need to type http://155.33.17.68 to view the NU website.

After removing the DNS Changer malware it is suggested that you install Anti-Virus software on your Mac OS or Windows computer. Here is a list of Anti-Virus software offered by NU and third party companies.

Manually Check Your DNS Settings

Manually check for and remove DNS Changer

If you are on the NEU Campus your DNS Servers should be:

    155.33.32.31 and 155.33.32.32

Related Links:

DNS Changer Working Group

Article: Renewed Efforts to Revert DNSChanger in Effect

[Image http://dns-ok.us]

Updated 4/26/2012

This entry was posted in Malware, Anti-Virus, Phishing, Scams. Bookmark the permalink. Both comments and trackbacks are currently closed.