Security News
Kill DNS Changer Malware before the Doomsday Announced by FBI to Stay Online
DNS Changer Malware (DNSChanger) attempts to modify the user's browsing experience by interfering with communication between the PC and websites. Any website name has to be translated into a numerical code so that it can be understood by the machine that tries to reach it. This job is done by a DNS server. Where such a translator is an honest one, it correctly converts names into numerical codes called Internet Protocol (IP) addresses, so that the user gets the website actually requested. The FBI has arrested a hacker suspected of masterminding the DNSChanger malware, which is meant to replace a good DNS server with a bad one. The bad one incorrectly converts a website name into an IP address, so that users get unrelated websites loaded instead of the expected ones. Although the FBI has captured the rogue servers, it has delayed switching them off so that the hackers' victims could remove DNSChanger Malware and restore proper settings for their browser. Failure to get rid of the DNSChanger virus before the FBI Doomsday, when the malicious servers are taken down, will lead to Internet connection errors or loss of connectivity. The FBI has announced that in the near future it will proceed to the final stage of its campaign against the web criminals, namely destruction of the misleading servers. In spite of the informational campaign by official authorities and private malware experts, a rough estimate suggests hundreds of thousands of users will have trouble with their web connection once the rogue DNS servers are removed. Guidelines are available on the FBI website (http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer...) to ensure a PC is not affected by the malware by comparing its DNS settings against the list of servers that used to be controlled by the black hats.
Remove W32.Flamer to prevent data leaks – delete the worm that has set computers of Iran’s Oil Ministry on fire
W32.Flamer initially breaks through computer security as a result of a targeted attack. The attacked machines are not necessarily the ones protected less than others. The hackers probably select their targets according to the value of the information they expect to retrieve from the machine to be compromised. The attacks on computers in the network of the Ministry of Petroleum of the Islamic Republic of Iran, while the worldwide extent of the worm's propagation has been assessed as low to medium, are rather unambiguous evidence for this assumption. The malware is used to perform a set of spying activities. It has been rated as one of the most sophisticated worms ever made by skilled professionals. It is proficient in protecting its components, so removal of W32.Flamer requires a professional program, preferably one with a validated ability to detect this specific worm. Do not disregard reports on the infection. To get rid of W32.Flamer, whether as a current infection present in the memory of your PC or as a threat of future invasion, download and install a free scanner.
Remove Trojan.Tinba as probably the tiniest banker ever
Trojan.Tinba has raised the concern of CSIS, a Danish security group. Its eCrime Unit chief, Mr. Kruze, has said the infection resembles the notorious Zeus trojan. However, it is much smaller than Zeus. It is considered to be the smallest banker ever, which is no surprise, as its name stands for “tiny banker” (Tinba). The infection is also known as Zusy. Copies of the malware detected in the wild have not exceeded 20 KB. Removal of Trojan.Tinba is required to ensure your login details are not available to hackers. The infection attaches itself to the browser. Apart from extracting account information, the rogue collects information on the traffic. Instances of the infection have also been observed injected directly into websites. Hence both website owners and PC users may need to get rid of Trojan.Tinba.
Remove BackDoor.Flashback.39 as the latest Mac Flashback trojan has managed to infect thousands, producing a record-breaking Macintosh botnet
BackDoor.Flashback.39 is the latest variant of the Mac Flashback trojan.
The infection is introduced through compromised and malicious websites and intermediate traffic distribution systems (TDS). These are means of redirecting Macs to an infected website, the source of the above trojan. Plenty of pages containing malicious code have been detected, yet more remain unknown to malware watchers.
The infected pages carry JavaScript that loads into the browser an applet matching the target operating system and containing the exploit. It is important to note that the security hole in Java on OS X was fixed by Oracle already in February 2012, while Apple delayed releasing the relevant patch until April 4, 2012.
Just at the time of Apple’s patch release, the outbreak of the above trojan was observed: over 500,000 Macs were infected and organized into a record-breaking botnet made of Macintosh machines.
To get rid of BackDoor.Flashback.39, please use a reliable antivirus for Mac. Apart from removing BackDoor.Flashback.39, any Mac user needs to update Java by performing the routine Macintosh software update.
Get rid of Welcome to Nginx! error page redirect as the problem is induced by a rootkit
Nginx error, otherwise known as Welcome to nginx! redirect, goes after users. The victims have no clue what the page wants them to do. However, they can see search engines being blocked in favor of an odd blank page containing the bizarre welcoming caption.
The issue is an important sign that betrays an obsolete, yet critically hazardous rootkit. The rootkit’s controller has been destroyed: the server that governed the infection was detected and killed by malware watchers. In the meantime, removal of the Nginx error requires the user of a compromised PC to rid the workstation of the relevant rootkit.
The infection has been determined to represent the same variety of malware that stands behind Happili and other currently active redirect targets. Instructions on how to remove Welcome to nginx! Redirect are available below.




