Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
Neustar, Inc.
Protect your website & network
using real-time information & analysis

www.neustar.biz
Network Security
Real-time info services with Neustar
Average Rating:
Rate this article:  
FBI Shuts Down DNSChanger Malware Servers
FBI Shuts Down DNSChanger Malware Servers

By Mark Long
July 9, 2012 1:56PM

Bookmark and Share
"Efforts to spread the word about the effects of shutting down the DNSChanger servers have hopefully made an impact," said security researcher Vikram Thakur. However, Thakur said "there is still an estimated 260,000 computers that will be affected" by Monday's shutdown. There was no outcry when the FBI pulled the plug on DNSChanger servers.
 

Related Topics

DNSChanger
FBI
Hackers
Virus


The FBI's shutdown at 12:01 AM Eastern Time Monday of servers supporting DNSChanger malware has not resulted in a huge outcry from Internet users worldwide.

Vikram Thakur, the principle security response manager at Symantec, told us that the impact of switching the replacement DNS servers off was "in line with what we expected."

"People with affected computers are less likely to publicize their network outage," Thakur said. "Instead, they'll be communicating with their local ISPs or computer technicians over the next several days or weeks."

According to the non-profit DNS Changer Working Group (DCWG), the malware works in tandem with DNS servers operated by cyber-criminals around the world. Given that all Web connections begin with DNS, DNSChanger makes it possible for criminals to deliver fake and malicious answers to search queries as well as direct the users of infected machines to fraudulent Web sites promoting bogus or even dangerous products.

"Efforts to spread the word about the effects of shutting down the DNSChanger servers have hopefully made an impact," Thakur said. However, Thakur also noted that DCWG's data indicates "there is still an estimated 260,000 computers that will be affected" by Monday's shutdown.

Prepping the DNS Server Shutdown

Last November, the FBI began operations against the cyber criminals running the rogue servers that support the DNSChanger malware. Since then, the bureau's cyber division has been working with the non-profit DCWG organization to operate temporary clean DNS servers.

The DCWG also established a Web site for hosting the detection tools that consumers needed to determine whether their machines are infected with a DNS changing virus such as TDSS, Alureon, TidServ or TDL4. The Web site provides consumers with infected machines with the directions for how to remove any of these viruses.

These preparatory steps helped pave the way for Monday's DNS server shutdown, according to the FBI.

"We've been using the last eight months to go out and clean up the infected computers, but we don't have everybody," said Thomas Grasso, a supervisory special agent at the FBI's cyber division.

Removing the Threat

Under the plan developed by the FBI and non-profit DNS Changer Working Group (DCWG), all the remaining infected PCs were to receive an "ICMP Unreachable" message beginning Monday morning. Thakur noted that Symantec's products do detect and remove the DNSChanger malware -- and non-Symantec customers can use Norton Power Erase to remove the threat -- but Symantec's security software cannot change the DNS configuration settings of infected machines.

"This is because there is no way for us to know the correct settings for each individual computer," Thakur said. "Users' ISPs should be able to walk them through correcting their settings. Alternatively, users can go to [the DCWG.org Web site] to see if they are affected by the issue and then follow the links describing how to correct their settings."

On the other hand, F-Secure reported Monday that some major Internet service providers appear to have configured their own substitute DNS servers that allow infected users on their systems to continue to access the Web -- even as these ISPs attempt to work out a final solution for the DNSChanger botnet problem.

"The FBI is out -- and ISPs are in," said F-Secure Security Labs blogger Mikko Hypponen. "All in all, things are working out as they probably should in a case such as this. The infection count continues to decrease without a major crisis in [ISP] support calls."
 

Tell Us What You Think
Comment:

Name:



You have the experience and skills, let an ISACA® certification demonstrate your value. Our certifications announce that you have the expertise and insight to speak with authority. ISACA certification is more than a credential; it's a platform that can elevate your career. Register for an Exam Today.


 Network Security
1.   Wall Street Journal Hacked Again
2.   Dropbox for Business Boosts Security
3.   Banks Hit by Android-Skirting Malware
4.   New Technology Defeats Privacy Efforts
5.   Juniper DDoS for High-IQ Networks


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
New Technology Defeats Privacy Efforts
Study identifies 3 browser techniques.
Average Rating:
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Wall Street Journal Hacked Again
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports that the computer systems housing some of its news graphics were breached. Customers not affected -- yet.
 
Dropbox for Business Beefs Up Security
Dropbox is upping its game for business users. The cloud-based storage and sharing company has rolled out new security, search and other features to boost its appeal for businesses.
 
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 
New Web Tracking Technologies Defeat Privacy Protections
Recently developed Web tracking tools are able to circumvent even the best privacy defenses, according to a new study by researchers at Princeton and the University of Leuven in Belgium.
 
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 
Large-Volume DDoS Attacks Hit Record in 2014
The number of distributed denial-of-service (DDoS) attacks set a record in the first half of 2014, according to a report by Arbor Networks. The number of attacks over 20 GB/sec doubled.
 
Can Google Put an End to Zero Day Flaws?
Google wants the Internet-using world to know that security is a top priority. That’s the message behind Project Zero, a team of researchers on the prowl for cyber threats and bugs.
 
U.N.: Nations Hide Rise in Private Digital Snooping
Governments on every continent are hiding an increasing reliance on private companies to snoop on citizens' digital lives, the U.N. human rights office says, with grave concerns about privacy.
 
Google Sends Hacker Team to Hunt Bugs
If it takes a thief to catch a thief, Google is hoping that it takes a hacker to catch a hacker. Project Zero is a team of top security researchers whose job is to track down zero-day vulnerabilities.
 
Russian Hackers Attack CNET Database
It’s hardly Anonymous, but the results are similar. CNET was attacked by Russian hackers over the weekend. Twitter user @rev-priv8 put up an image of an apparent remote access to a CNET.com server.
 
FBI Cyber-Expert Is Ex-Discount Furniture Salesman
J. Keith Mularski's world has expanded greatly since he stopped selling discount furniture to join the FBI in 1998. He is now recognized as one of the country's foremost experts on cybercrime.
 
Chinese Man Accused of Hacking into U.S. Computers
Authorities have charged a Chinese businessman with hacking into the computer systems of U.S. companies with large defense contracts, including Boeing, to steal data on military projects.
 
Report: Chinese Hackers Hit U.S. Personnel Networks
Hackers from China broke into the computer networks of the U.S. Office of Personnel Management earlier this year with the intention of accessing the files of tens of thousands of federal employees.
 

Enterprise Hardware Spotlight
Microsoft Makes Design Central to Its Future
Over the last four years, Microsoft has doubled the number of designers it employs, putting a priority on fashioning devices that work around people's lives -- and that are attractive and cool.
 
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 
Another Day, Another Internet of Things Consortium Is Born
In the emerging Internet of Things, zillions of devices will be talking to each other. Samsung, Intel and Dell just formed a consortium to ensure each thing can understand what others are saying.
 
Gartner Sales Study Sees Tablets Up, PCs Down but Recovering
Are PCs on the comeback trail? That depends on how you define "comeback." While tablet sales remain strong, Gartner's latest study found PC shipments aren't dropping as fast as they did last year.
 
Oracle Unveils Upgrades to ZS3 Storage Server Line
Enhancements to the ZFS Storage ZS3 Series were released by Oracle Wednesday, enabling the ZS3-2 to handle more than 16,000 virtual machine boots from a single platform in less than 7 minutes.
 
Intel Heralds New Xeon Server Chip, Most Powerful Ever
It’s called Knights Landing and it’s the most powerful version of Intel’s Xeon Phi supercomputing processor. The chip is set to be available in commerical systems in the second half of 2015.
 
Review: Warming Up to Tablets with Keyboard Covers
If you've ever thought tablets with keyboard covers were just a poor excuse for a laptop, think again. Nokia's Lumia 2520 comes with an optional keyboard cover that just may change your mind.
 
Facebook Unveils Wedge Open-Source Network Switch
It turns out Facebook is into networking that is more than just social, unveiling an open-source, software-defined networking switch that could ultimately disrupt the networking equipment market.
 
Review: Microsoft Surface Pro 3 an iPad Alternative
When Microsoft announced the Surface, the tablet was unsuccessfully pitched as an iPad alternative. Now it's being marketed to consumers as a replacement for both their iPads and MacBooks.
 
Schneider Electric Unveils Data Center Power Modules
New modules for data center electricity needs are being offered by Schneider Electric. The company described the new prefabricated approach as "revolutionary" in its flexibility and customization.
 
Broadcom Unveils XLP500 Series with SDN in Mind
With so much focus on software-defined networks, Broadcom is expanding its XLP II multi-core communications processors line to meet evolving industry needs with the XLP500 Series.
 
Best of Interop 2014 Finalists Announced
Judges have chosen finalists for this year's Best of Interop awards, with winners to be named April 1 in Las Vegas. The nine categories include networking, mobility, security, cloud and data storage.
 
Cisco Telecom Router Ready for Internet Traffic Flood
The Carrier Routing System-X unveiled by Cisco for the telecom industry is a 400 Gbps per slot system that can be expanded to nearly 1 petabit per second, enough to deal with the coming flood in demand.
 
Interop: Networking Leaders Demo Shortest Path Bridging
Avaya, Alcatel-Lucent, Spirent and HP are teaming to endorse Shortest Path Bridging for fabric networking, and they're demonstrating their multi-vendor network for the first time at Interop Las Vegas.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.