[Jan-24-12] Letter from Verizon (Infection Notice for DNS Changer Malware)

Hello everyone. It's been several months since I've visited this site, although I do occasionally get my conspiracy-fix every now and then, I'm here today with a few questions about a certain letter my family received in the mail today.

We received a letter from Verizon, our ISP, literally in the mail today (not e-mail, etc). The letter informs us that one of our machines could be infected with a virus, called DNS Changer Malware. I'll list the letter in full, and point out the.. "issues" I have with it in bold.

Verizon
PO Box 5627
Cherry Hill, NJ 08034-9906


January 2012

Dear Broadband Customer:

We are writing to inform you that one or more of your computers (or other Internet devices) might be infected with a harmful computer program (sometimes called "malware"). Verizon was notified by the FBI that this particular virus, called DNS Changer Malware, has infected the computers of millions of people worldwide across many different Internet Service Providers. It is important that you take steps to remove this virus from your computer(s) as soon as possible.

We do not know how your computer or other Internet devices became infected. The malware may have been downloaded to your machine when you visited a website or opened an email. Also, hackers often modify their malware to evade detection by antivirus or other software programs, so it's possible that your antivirus program did not detect this virus.

You need to take action to determine which computer(s) or other Internet devices using your broadband connection might be infected.

The government has currently implemented certain technical measures that enable infected devices to still surf the Internet, but those measures are expected to be in place for only the next several weeks, and once they expire, infected devices will not be able to surf the Internet unless this malware has been removed. This particular malware infects a wife range of devies, including computers running Microsoft Windows or Apple's operating system and some broadband routes. Please note that if your friends or family used your Internet connection to access the internet with their computer, their computer could also be infected.

To obtain more information about this malware, and links to resources that might be able to assist you with identifying and fixing your infected Internet devices, please visit: www.verizon.com/virushelp.

Again, we strongly recommend that you take the necessary steps to remove this virus from your computer as soon as possible; failure to do so will affect your ability to access the Internet in the future.

Sincerely,

Verizon.

Before you ask, there are currently 4 PCs and 2 laptops in my household. Myself, my computer appears fine; in fact it is the safest in the house. Both my father's computers seem fine as well, it is my sister's who may be the one at risk, if it's even real. All of them will be checked and scanned, regardless.

My only real issue with this.. well, it just seems odd. What I find the most strange, is the middle paragraph that states the government basically has free reign to lock you out of the internet (well, this was known), and will use it in the next several weeks if you don't take care of your computer, basically. That's what.. 'worries' me the most.

Anyways, if anyone could help or if we could have a discussion on this, it would be nice - as I did a quick forum search and didn't find anything on this.. "DNS Changer Malware".

Thanks.

I understand what they are saying.

The FBI was able to locate and put a stop to the group doing this DNS attack. The attack changes a computer to use their servers for DNS resolution and then they were redirecting people to fake websites to gather credit card information. The scam cost people something like 14 million.

The FBI is allowing the DNS redirect to continue and giving people a chance to switch back to their normal DNS provider.

When they shut down this scam DNS server a lot of people will be unable to resolve web site IP addresses and will end up calling Verizon, ComCast and so on to get them to walk them through the troubleshooting steps.

Edit to add:

My only real issue with this.. well, it just seems odd. What I find the most strange, is the middle paragraph that states the government basically has free reign to lock you out of the internet (well, this was known), and will use it in the next several weeks if you don't take care of your computer, basically. That's what.. 'worries' me the most.

In this case they don't have the ability to do this. Its already been done for the victim by the virus - they are just shutting down the criminal server that the victim's computer is communicating with.

With all the garbage out there, this may well be right. New stuff comes along every day and will continue. I would think that if this is concerned with "changing the DNS server" then you could easily find out if you are by looking at the IP config and see what the addies for the DNS in use are. Compare that with what your carrier is supposed to be and it should match. If not, then you need to clean it out.

thay

reply to post by ararisq


This makes more sense than the letter itself, thank you. That makes me curious, then, if any one of us in my household actually has such a virus, or if it's just a precautionary warning sent out (because it seems this isn't necessarily a "new" virus, according to.. Google)?

reply to post by thaelin


That's a pretty good idea. I'll go ahead and do that on mine and all the other computers tonight. Thanks.
..How do I do that?

I hope that the wording is not verbatim in that letter (just reads like a ESL person that is just barely got English down). Other than that, the other two posters definitely hit the nail on the head, especially about checking the DNS's.

I had something like this before, it was annoying and I learned a bit about security at that point.

I definitely wouldn't worry about the FBI shutting down your internet. They would rather gain as much info as they could on you.

One way to fix it is to go to www.comodo.com... and switch over to their secure DNS server. That way you don't have everyone asking "what operating system do you use?" "do you know how to get to your 'Network Connections' settings?" and getting 15 other questions and 20 different answers.

By the way, Comodo is an antivirus maker, and quite good. It's a quick download, and they can be trusted (I use those servers myself)....

ETA: My mistake. I misspoke. There is no download; there are instructions telling how to make the change.

The FBI has posted general information on this particular DNS Changer Malware at the following location: www.fbi.gov...

www22.verizon.com... elp/FiOSInternet/General+Support/Top+Questions/QuestionsOne/130407.htm

Here's more info for you at the link above

Originally posted by Ex_CT2
One way to fix it is to go to www.comodo.com... and switch over to their secure DNS server. That way you don't have everyone asking "what operating system do you use?" "do you know how to get to your 'Network Connections' settings?" and getting 15 other questions and 20 different answers.

By the way, Comodo is an antivirus maker, and quite good. It's a quick download, and they can be trusted (I use those servers myself)....

ETA: My mistake. I misspoke. There is no download; there are instructions telling how to make the change.

edit on 1/24/2012 by Ex_CT2 because: (no reason given)

Thank you, this seems rather helpful. I'm bookmarking it and will check it out later. Seems like it'll come in handy down the road..