Four-month extension approved in DNSChanger case

By

Enterprises gain extra time to remove trojan.

A US judge has granted a four-month extension for the operation of temporary DNS servers installed to combat a trojan affecting three million PCs globally.

Four-month extension approved in DNSChanger case

The extension request, published by security blogger Brian Krebs, would delay the replacement of the rogue servers used in the malware distribution for another 120 days, giving businesses and governments additional time to react to the infections.

Security firm Internet Identity (IDD) reported early last month that roughly half of Fortune 500s and US government agencies were still grappling with the epidemic. Of the nearly three million PCs infected worldwide, at least 500,000 are in the United States.

According to the IDD report, “if an enterprise's employee has DNSChanger on their computer, it means that enterprise is susceptible to having their proprietary information stolen".

IDD updated its infection figures last week, indicating a major downturn in the number of affected enterprises. The extension given on Monday could lead to an even more dramatic decrease in the contagion.

As well as disabling anti-virus and software updates for users, the DNSChanger malware redirects infected computers to malignant sites via the rogue DNS servers, located at data centers in Manhattan and Chicago.

While businesses and government agencies were a target of the trojan, home users were also affected.

Arrests in relation to the attack -- which hauled in an estimated $14 million, according to the FBI -- were made in November after a two-year investigation.

The FBI is currently seeking the extradition of six Estonian nationals linked to the attacks, who, according to them, used the malware to “manipulate the multi-billion-dollar internet advertising industry".

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Log In

  |  Forgot your password?