[oagitm] NCCIC Bulletin - DNS Changer

"MASSE Theresa A * EISPD ESO" <theresa.a.masse@xxxxxxxxxxx> · Tue, 1 May 2012 08:39:29 -0700

OAGITM Members:

There has been a lot of mediocre coverage of this issue in the news
media lately - hopefully the attached bulletin will give your
organization the facts it needs to evaluate this threat.

Regards,

Theresa A. Masse

State Chief Information Security Officer

Department of Administrative Services

Enterprise Security Office

503-378-4896

Data Classification 2 - Limited

Confidentiality Notice: This message, including any attachments or
links, may contain privileged, confidential and/or legally protected
information.  Any distribution or use of this communication by anyone
other than the

intended recipient(s) is strictly prohibited.  If you have received this
communication in error, please notify the sender immediately by replying
to this message and then delete all copies of the original
communication, including any attachments and/or links.

Multi-State Information Sharing and Analysis Center

All,

In November 2011, a group of six Estonians and one Russian were charged
with creating/operating the DNSChanger malware used to engage in wire
fraud. The malware may have prevented users' anti-virus software from
working correctly allowing the malware to take control of the computer's
domain name system (DNS). DNSChanger malware enabled Internet requests
to be forwarded to rogue servers instead of legitimate ones.  Attached
is a bulletin issued by the DHS National Cybersecurity and
Communications Integration Center (NCCIC) which provides further details
and recommended actions for users to take.  This bulletin is approved
for widest distribution.

Multi-State Information Sharing and Analysis Center
31 Tech Valley Drive, Suite 2
East Greenbush, NY 12061
(518) 266-3488
1-866-787-4722
soc@xxxxxxxxxx <mailto:soc@xxxxxxxxxx> 

[oagitm] NCCIC Bulletin - DNS Changer

Other related posts: