DNSChanger is a type of malware called a Trojan Horse -- it changed the DNS settings on infected systems to point to rogue DNS servers that then redirected requests for legitimate sites to malicious sites that tried to steal personal and financial information. Even if no information was stolen, the redirects to fake URLs generated ad traffic income for the criminals. The Estonians began their infection campaign with Windows PCs and soon branched out to include Mac OS workstations and network routers. Legitimate DNS servers are the backbone of the Internet, directing users to the IP addresses behind the URLs of websites; rogue DNS servers can cause severe problems for all Internet users.
The FBI investigation, dubbed Operation Ghost Click, began in 2009 and culminated last week in the seizure of the hardware housing the rogue DNS servers and the arrest of the six criminals by Estonian legal authorities -- US authorities have begun extradition procedures. Because so many legitimate computers had been re-configured with the IP addresses of the fake DNS servers, authentic DNS servers with those same IP addresses were set up by the FBI to minimize the disruption for innocent computer users.
To aid those whose computers may have been maliciously re-configured, the FBI has set up a Rogue DNS Checker website to enable anyone to find out if they have been infected with this Trojan horse malware. First, you check the DNS settings of your own computer or router to see what IP addresses are being used to find DNS servers. Second, you manually enter each IP address on the secure FBI website to see if it is one of those set up for this rogue DNS infrastructure. If it is, you should contact your ISP or a local computer professional to find out what legitimate IP addresses should be used for finding DNS servers and how the DNSChanger malware can be removed.
Be aware that this version of DNSChanger is only one of many of the same type in action across the entire Internet. There are also many other types of malware that can cause significant damage to data centers and web hosting functions. Providers of hosting services should use this news as a way to educate their customers on the need to be vigilant and to inform customers of the availability of anti-malware solutions.
-
2012-05-16
A new tactic is being used by fashion companies trying to stop the online sale of counterfeit versions of their trademark luxury products. Up until about ten years, ago, companies like Chanel and Louis Vuitton w...
-
2012-05-10
A recent double release of patches by the PHP Group to remedy a vulnerability in Web servers is symptomatic of a problem that those who are responsible for Web servers know all too well. When a vulnerability is ...
-
2012-05-08
Last month, government takedowns of criminal websites revealed a disturbing trend: the use of e-commerce to sell illegal data. We've all used online shopping carts and clicked the checkout button on many commerc...
-
2012-05-03
The Cyber Information Sharing and Protection Act (CISPA) that was passed by the US House of Representatives last week by a vote of 248 to 168 appears to be the next piece of computer-related legislation that wil...
-
2012-04-26
A recent report on the source and types of application hacking attacks upon Web servers highlights the linked growth of two characteristics, sophistication and automation, for the first few months of 2012. Web a...
-
2012-04-24
The war over copyright infringement between Big Media and Internet Service Providers (ISPs) is not confined solely (of course) to the United States and Europe. Recently, a court battle was won by iiNet Limited, ...
-
2012-04-20
Federal authorities, attempting to trace back three threatening emails that were sent over the last few months to Pennsylvania reporters about bombs supposedly planted at the University of Pittsburgh, found a we...
-
2012-04-17
Anyone who played the game of Hot Potato as a child will instantly understand the current situation of the fees for servers involved in the Megaupload case. Last January, the popular file-sharing web site was se...
-
2012-04-12
Attacks on web servers by hackers is one of those events most feared by web hosting providers. Besides being categorized by the damage done, these events can also be classified by the type of technique used in t...
-
2012-04-03
Several trends have started to coalesce recently into a pattern that augurs well for the growth of cloud computing as a service that can be sold to customers who are already purchasing web hosting services. Clou...
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
