DNSChanger shutdown misses 'internet doomsday'

Powered by SC Magazine

ISPs step in as FBI pulls plug on DNSChanger.

US authorities have officially cut off servers in New York put in place to direct internet traffic for computers infected with the DNSChanger malware.

But concerns around a potential internet blackout for an estimated 211,000 computers still believed to be infected at the time of the shut down were ultimately unfounded.

Approximately 6000 Australian internet subscribers faced a similar fate locally, with the majority sourced to Telstra connections.

"All quiet," said Barry Greene, a security consultant who volunteers with the DNS Changer Working Group, an ad-hoc group of experts who teamed up to help fight the virus and educate the public about eradicating the malware.

The working group was using the number of service calls to internet service providers as a barometer for measuring the impact of the sever shutdowns.

As of Monday afternoon New York time, providers had seen no increase in call volume.

"The outreach campaign has reached everyone humanly possible," Greene said.

Victims of the virus originally required assistance because the virus had changed DNS settings on their PCs or routrs, diverting internet traffic through rogue servers that showed them advertisements. Police shut them down in November.

Infected machines would have been unable to access the web unless they were repaired, so authorities put the backup system in place as a stopgap measure.

That is a tiny fraction of the world's more than one billion Internet users, said Luis Corrons Granel, technical director with the research lab of anti-virus software maker Panda Security.

"[It's] not a big impact," he said.

The number of users who actually lost Internet service was likely far fewer than the 211,000 who accessed the temporary server on Sunday, said Mikko Hypponen, of FSecure.

Some internet service providers — such as AT&T and Time Warner Cable in the US, and Telstra in Australia — had set up their own DNS redirection servers so customers with infected machines could continue to access the internet.

The US has charged seven people with orchestrating the worldwide internet fraud. Six were arrested in Estonia, while the seventh, who was living in Russia, is still at large. Estonia has extradited two of the men to New York, where they appeared in Manhattan federal court.

DNSChanger shutdown misses 'internet doomsday'
Police confiscate servers during a raid in Estonia. Source: Mikko Hyppönen/F-Secure
Top Stories
Windows 10 lands in Australia
Campaign to get business to upgrade kicks off.
NSW to build its own myGov
Service NSW digital profiles available by September.
Android bug leaves a billion phones open to attack
Hackers only need phone number to target devices.
Police confiscate servers during a raid in Estonia. Source: Mikko Hyppönen/F-Secure
Sign up to receive iTnews email bulletins
Latest Comments
Should law enforcement be able to buy and use exploits?

   |   View results
Only in special circumstances
Yes, but with more transparency