Sunday, February 1, 2009

Ukrainian DNSChanger websites taken offline

"A Ukrainian Web hosting provider that, according to published reports, has long served as home base to a prolific and invasive family of malicious software has been taken offline following abuse reports from Security Fix to the company's Internet provider", writes Washington Post.

"Since at least 2005, and perhaps earlier, an entity known as UkrTeleGroup Ltd. has hosted hundreds of Web servers that control a vast network of computers infected with some variant of "DNSChanger," according to security software vendor McAfee, which monitors worldwide malware. DNSChanger is a Trojan horse program that changes the host system's settings so that all of the Internet traffic flowing to and from the infected computer is sent through servers controlled by the attackers."

Good news is that this finally happened. Sad thing is that users currently infected with DNSChanger can't now get online since they don't have working DNS servers available. Also, as stated in the article, seems that groups behind DSNChanger trojan have begun to move to a new network called 'Zlkon.lv' in Latvia.

No comments: