DNSChanger shutdown misses 'internet doomsday'

Powered by SC Magazine
 

ISPs step in as FBI pulls plug on DNSChanger.

US authorities have officially cut off servers in New York put in place to direct internet traffic for computers infected with the DNSChanger malware.

But concerns around a potential internet blackout for an estimated 211,000 computers still believed to be infected at the time of the shut down were ultimately unfounded.

Approximately 6000 Australian internet subscribers faced a similar fate locally, with the majority sourced to Telstra connections.

"All quiet," said Barry Greene, a security consultant who volunteers with the DNS Changer Working Group, an ad-hoc group of experts who teamed up to help fight the virus and educate the public about eradicating the malware.

The working group was using the number of service calls to internet service providers as a barometer for measuring the impact of the sever shutdowns.

As of Monday afternoon New York time, providers had seen no increase in call volume.

"The outreach campaign has reached everyone humanly possible," Greene said.

Victims of the virus originally required assistance because the virus had changed DNS settings on their PCs or routrs, diverting internet traffic through rogue servers that showed them advertisements. Police shut them down in November.

Infected machines would have been unable to access the web unless they were repaired, so authorities put the backup system in place as a stopgap measure.

That is a tiny fraction of the world's more than one billion Internet users, said Luis Corrons Granel, technical director with the research lab of anti-virus software maker Panda Security.

"[It's] not a big impact," he said.

The number of users who actually lost Internet service was likely far fewer than the 211,000 who accessed the temporary server on Sunday, said Mikko Hypponen, of FSecure.

Some internet service providers — such as AT&T and Time Warner Cable in the US, and Telstra in Australia — had set up their own DNS redirection servers so customers with infected machines could continue to access the internet.

The US has charged seven people with orchestrating the worldwide internet fraud. Six were arrested in Estonia, while the seventh, who was living in Russia, is still at large. Estonia has extradited two of the men to New York, where they appeared in Manhattan federal court.


DNSChanger shutdown misses 'internet doomsday'
Police confiscate servers during a raid in Estonia. Source: Mikko Hyppönen/F-Secure
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Police confiscate servers during a raid in Estonia. Source: Mikko Hyppönen/F-Secure
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 707

Vote