Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 1561 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Should Sophos detect DNSChanger

StephenP3
Does Sophos detect the much publicised DNSChanger malware? We discovered one of our servers to be infected this morning and our MSP is claiming it's not detectable by standard antivirus. As far as I'm concerned, the presence of this one piece of malware could be indicative of a more widespread problem Knowing whether Sophos detects DNSChanger, and if it does how long it has, would be a massive help. Thanks.
:26845


This thread was automatically locked due to age.
Parents
  • 0

    Hello StephenP3,

    not knowing what exactly infected means in this context and without any details I can't comment on the particular incident. I can give you some pointers to the analyses (.../DNSChan-xx and .../DNSCha-xx) as well as a few articles on nakedsecurity.  As you see, it has been around for some time now and is by no means unknown to Sophos.

    Are you a Sophos customer? If so, you should contact Support to analyze the situation. But even if you aren't they might be interested in you findings.

    Christian

    :26865
Reply
  • 0

    Hello StephenP3,

    not knowing what exactly infected means in this context and without any details I can't comment on the particular incident. I can give you some pointers to the analyses (.../DNSChan-xx and .../DNSCha-xx) as well as a few articles on nakedsecurity.  As you see, it has been around for some time now and is by no means unknown to Sophos.

    Are you a Sophos customer? If so, you should contact Support to analyze the situation. But even if you aren't they might be interested in you findings.

    Christian

    :26865
Children
No Data