Internet Storm Centre goes to INFOCON YELLOW.

There is a spreading "poisoning" attack on some key internet backbones that is starting to corrupt DNS cache files. These poisoned DNS caches redirect surfers from legitimate sites to sites that host self-installing malware when resolving URLs to IP addresses, Since caches refresh less than once an hour, the legitimate listings are not able to keep up with the rate of poisoning. No one seems to know what the final upshot of this will be, but it is interesting to note that global packet loss is approaching 10%, and is over 20% in southeast Asia at this point in time. The current Infocon level has been elevated to YELLOW.

Note that users of kernel-based operating-systems (and non-kernel systems that have a legitimate Memory Management Unit) will be unaffected by any potential malware - only Windoze users are affected and vulnerable.

Posted: Tue - April 5, 2005 at 06:54 PM