Buy or Renew
Buy or Renew
NOTICE: OpenDNS Service Currently Not Available To Users In Belgium. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
59
Views
0
Helpful
1
Replies

Can a Printer/NAS/Console harbour malware?

mikeopen
Level 1
Level 1

‎04-07-2015 02:53 AM

Hi.  I've been using OpenDNS for a few years, and have left the blocking OFF for the last year or so.  I recently logged back in on a bit of a whim and discovered between 7,000 to 10,000 entries per day for www.piccolina.co.cc from my home network.  A quick google revealed that co.cc domains are very suspicious and I assumed that I had malware somewhere on my network.

I've been struggling to work out which device had the malware.  We recently left the house for a few days over easter.  All our mobile devices came with us and all the PCs in the house were turned off.  I returned expecting to see no entries for that domain, but was amazed to see that it has been continuing unabated.

The only networked devices left on were...

Sony TV, XBox One Console, Rasbery Pi running  RaspBMC, WiiU, HP WiFi Printer, DLink Sharecentre NAS, Netgear 3700 Router, Virgin Media Cable Modem

Is it possible that one of these devices has malware?

Thanks for your help!

Mike

Labels:
0 Helpful
1 Reply 1

rotblitz
Level 6
Level 6

‎04-07-2015 07:18 AM

Any device with software/firmware on it can theoretically host malware.  The many DNS queries may not indicate malware at all unless the domain www.piccolina.co.cc hosts indeed malware.

You may also consider that someone else used your internet connection, e.g. via an unsecured WLAN.  Or there was a wrong IP address registered with your dashboard network, and you caught DNS traffic from another OpenDNS user.

0 Helpful
Customers Also Viewed These Support Documents