FBI net shut off has 'limited' impact on victims

Updated on: 2012-07-09 || Source: bbc.com

More than 300,000 people, including many in the US and UK, may have lost net access as the FBI shuts down servers used by cyber thieves.

The FBI seized the servers in November 2011 during raids to break up a hi-tech gang who used the DNS Changer virus to infect more than four million victims.

Victims' web searches were routed through the servers so they saw adverts that led to the gang being paid.

Many machines still harbour the gang's malicious code.

Global clean up

Since the computers were seized the FBI has kept them going with the help of Californian company ISC.

Over the last few months, the FBI has worked with many ISPs and security firms to alert victims to the fact that their PC was infected with DNS Changer. Online tools are available that let people check if they are infected.

The servers were finally switched off at 1201 EDT (0401 GMT) when the court order the FBI won to keep the computers going expired.

The result could be that people have lost net access because PCs that are still victims of DNS Changer now have nowhere to go when they need to look up the location of a particular domain such as bbc.co.uk.

Top 10 DNS Changer infections

  • US - 69,517
  • Italy - 26,494
  • India - 21,302
  • UK - 19,589
  • Germany - 18,427
  • France - 10,454
  • China - 10,304
  • Spain - 10,213
  • Canada - 8,924
  • Australia - 8,518

However, it might take some time for the problems to become apparent, said Sean Sullivan, a security researcher at F-Secure.

"Initially some domains will be cached which will mean web access will be spotty," he said. "People will be confused about why some things work and some do not."

Other security experts said the remaining infected machines may harbour the malware for some time to come.

"Reaching victims is a very hard problem, and something we have had issues with for years," said Johannes Ullrich, a researcher with the Sans security institute.

He expected the impact to be "minimal" because many of these systems were no longer used or maintained.

Early reports suggest the turn off had not caused any problems. South Korea was one of the first geographies that could have suffered the effects.

"The impact will be limited," said Lee Sang-hun, head of network security at the country's Communications Commission. Statistics gathered by the DNS Changer Working Group (DCWG) suggest only a few thousand machines were at risk of losing access in Korea.

The DCWG said the largest group of machines still harbouring the infection were in the US but many other nations, including Italy, India, the UK and Germany, had substantial numbers checking in with the ISC servers.

Some ISPs in the US put "technical solutions" in place that would direct people towards sources of aid.

At its height, DNS Changer racked up more than four million victims. This has been whittled down to just over 300,000, said the DCWG.

The gang racked up more than $14m (£9m) by hijacking web searches and forcing victims to see certain adverts. They managed to do this because their servers were taking over a key web function known as domain name look-up.

Domain names are the words humans use, such as bbc.co.uk, for websites. These are converted into the numerical values that computers use by consulting domain name servers (DNS).

When a person types a name into a browser address bar, often their computer will consult a DNS server to find out where that website resides online.
