March 06, 2012

Four-month extension request approved in DNSChanger case

For those who haven't noticed if their systems are infected with the DNSChanger malware, there is still time.

A judge on Monday granted a request to allow for a four-month extension of the operation of temporary DNS servers, allowing malware-infected PCs to stay connected to the internet until they are swept clean of the virus.

According to the federal court order, published by security blogger Brian Krebs, the replacements of the rogue servers used in the malware distribution will not be disconnected for another 120 days, giving businesses and governments additional time to react to the infections.

Security firm Internet Identity (IID) reported early last month that roughly half of Fortune 500s and U.S. government agencies are still grappling with the epidemic. Of the nearly three million PCs infected worldwide, at least 500,000 are in the United States.

According to the IID report, “If an enterprise's employee has DNSChanger on their computer, it means that enterprise is susceptible to having their proprietary information stolen.”

IID updated its infection figures last week, indicating a major downturn in the number of affected enterprises. The extension given on Monday could lead to an even more dramatic decrease in the contagion.

As well as disabling anti-virus and software updates for users, the DNSChanger malware redirects infected computers to malignant sites via the rogue DNS servers used, which, according to the federal court order, were located at data centers in Manhattan and Chicago.

While businesses and government agencies were a target of the trojan, home users were also affected, which hauled in $14 million, according to the FBI.

Arrests in relation to the attack -- which hauled in an estimated $14 million, according to the FBI -- were made in November following a two-year investigation, dubbed Operation Ghost Click.

The FBI is currently seeking the extradition of six Estonian nationals linked to the attacks, who, according to them, used the malware to “manipulate the multi-billion-dollar internet advertising industry.”

Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.