Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: New DNS trojan taints entire LAN from single box

17 Mar 2009   #1
Airbot

Windows 7 Ultimate x64 SP1
 
 
New DNS trojan taints entire LAN from single box

Quote:
Internet security experts are warning of a new rash of malware attacks that can hijack the security settings of a wide variety of devices on a local area network, even when they are hardened or don't run on Windows operating systems.

Once activated, the trojan sets up a rogue DHCP, or dynamic host configuration protocol, server on the host machine. From there, other devices using the same LAN are tricked into using a malicious domain name system server, instead of the one set up by the network administrator. The rogue DNS server sends the devices to fraudulent websites that in many cases can be hard to identify as impostors.
more:The Register


My System SpecsSystem Spec
.
17 Mar 2009   #2
Copyright

Windows 7 x64 7229
 
 

This can be prevented with ample security. No bruteforcer is going to get into my router. My hosts file is read only, and really, what are they going to do if they are able to change my DNS?
My System SpecsSystem Spec
17 Mar 2009   #3
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Quote   Quote: Originally Posted by Copyright View Post
This can be prevented with ample security. No bruteforcer is going to get into my router. My hosts file is read only, and really, what are they going to do if they are able to change my DNS?
A DNS changer 'hijack' will send you to their chosen server ... the computer will then be infected with malware (Bots come to mind here); possibly helping themselves to passwords and critical information on the infected machine. It's not uncommon at all anymore
My System SpecsSystem Spec
.

17 Mar 2009   #4
limneos

Windows 7 RC 7100 32bit/64bit
 
 

Quote   Quote: Originally Posted by Copyright View Post
This can be prevented with ample security. No bruteforcer is going to get into my router. My hosts file is read only, and really, what are they going to do if they are able to change my DNS?
Well, imagine you type e.g. google.com in the address bar, and instead, it opens 888.com or other malware infecting websites...Even worse, without you knowing, it could just change the DNS to some hidden adv frames and instead of advertisements on the MSN messenger pane, you would have some very nice malicious files saved and doing their nasty job on your machine, probably Bots like Jacee said...

This can be done by assigning you DNS servers which have wrong Name Resolutions.

Although I doubt setting up a whole DHCP server would pass unnoticed...

I had a client's laptop last week with manually assigned DNS entries from malware... pointing to some 83...87..IP address don't remember exactly.
My System SpecsSystem Spec
17 Mar 2009   #5
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Most likely 85.255.xxx.xx something like that limneos?

Yep.... bad, bad stuff and it isn't getting better.

Sometimes I just want to say, "wipe it all and do a clean install".
My System SpecsSystem Spec
Reply

 New DNS trojan taints entire LAN from single box




Thread Tools




Similar help and support threads
Thread Forum
Trojan called 'Trojan.Generic.2582177' on my system
Hi, I have Window7 Ultimate 64 bit on my system. I use Bitfender as my antivirus software. This morning it informed me that it has found a file infected with a virus called 'Trojan.Generic.2582177' which it cannot clean. I've contacted Bitfender to see if they know what I should do but haven't...
System Security
Transfering the entire HDD.
Hello again, sorry for the trouble. So, recently, my friend gave me his computer because he has upgraded his system and I found out that his PC is the exact same spec as my computer BUT his PC got 2 more extra RAM slot than me so, I was wondering to transfer my entire PC into one with his. I...
General Discussion
Entire GPU
I recently downloaded Flight Simulator X Deluxe, and When I ran a gadget on my desktop, it wasn't using the full GPU. What I want to know what to do is how to make the game utilize my entire GPU. Dell XPS 15 (laptop) 6 GBs RAM 640 GB HDD 2 GB Graphics (Nvidia GeForce GT 435M) Intel i7...
Hardware & Devices
okay..? entire PC froze
ok so basically my PC just froze with no notification of anything not responding, this also happened last week like everything just stops except the mouse then once i click the mouse pointer just stops moving, the only way i can continue what i was doing is to hold the power button down to shut the...
BSOD Help and Support
Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro
A little help,please.Got this trojan earlier.It disabled MSE,MBAM,Internet,CCleaner,and pretty much anything .exe.Claimed everything was infected...so says whatever fake AV program that came with it.(I wish I could figure out how to use the indention tool here)I had to restart,open task manager...
System Security
Do you index your entire HDD?
does indexing your entire disk for all files hinders performance? is it recommended doing it or not doing it? thanks. :geek:
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:16.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App