On November 8, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals.
The criminals operated under the company name “Rove Digital”, and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ and TDL4 viruses.
The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago.
The “Rove Digital” malicious DNS servers give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.
FBI-provided a list of rogue DNS servers and if they fall in any of these ranges, then your system may be using one of the rogue DNS servers.
85.255.112.0 through 85.255.127.255
67.210.0.0 through 67.210.15.255
93.188.160.0 through 93.188.167.255
77.67.83.0 through 77.67.83.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.255
Check and fix Ur PC for Free http://www.dcwg.org/
Under a court order, expiring July 9, the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.
- BossyWillson
- 04-25-2012, 08:53 AM
- LazurusLong
- 04-25-2012, 01:53 PM
Thanks!
Great info but way over the head of 99% of the users of this site.
Great info but way over the head of 99% of the users of this site.