Does the DNS-Changer Bug Affect the FatPipe Device?

No, the DNS Changer Bug is not a FatPipe related issue.

It is a virus that exists on the LAN - the outside world would see the IP address of the WAN interface the packet exits and flag that IP - but it is not a FatPipe related issue - the device on the LAN that is causing the issue/bug would need to be found and quarantined.


Additional information regarding DNSChanger is provided below:


In order for the REN-ISAC to learn how we can best aid the education community with network security matters we'd greatly appreciate hearing back from you regarding action on this incident and how, if at all, this information proved useful.


Research and Education Networking ISAC

24x7 Watch Desk: +1(317)278-6630,




Regarding DNSChanger:


"DNSChanger is a trojan that will change the infected system's Domain

Name Server (DNS) settings, in order to divert traffic to unsolicited,

and potentially illegal sites." [1]


[1] Trojan:W32/DNSChanger


Additional information:


Aliases [2]


TR/Dldr.DNSChanger (Avira)

Win32/Alureon (CA)

Trojan.DnsChange (Dr.Web)

Trojan.Zlob (Ikarus)

Trojan-Downloader.Win32.Zlob (Kaspersky)

DNSChanger (McAfee)

Troj/Zlob (Sophos)

Trojan-Downloader.Win32.Femad (Sunbelt Software)

Trojan.Zlob (Symantec)

TROJ_DNSCHAN (Trend Micro)


[2] Win32/Alureon


Rogue DHCP servers


DNS changer Trojan for Mac (!) in the wild (part 1)


(Minor) evolution in Mac DNS changer malware (part 2)


OS X DNS Changers part three (part 3)





Attachment: The incident data presented above is also provided in IODEF format

in the attached file. If you have questions about using the IODEF-formatted

data in automated processing with your incident tracking system, see:



53 of 127 people found this helpful.   

Powered by LiveZilla Live Help