FBI shut off of Internet has ‘limited’ impact on victims
Posted by Xeno on July 10, 2012
More than 300,000 people, including many in the US and UK, may have lost net access as the FBI shuts down servers used by cyber thieves.
The FBI seized the servers in November 2011 during raids to break up a hi-tech gang who used the DNS Changer virus to infect more than four million victims.
Victims’ web searches were routed through the servers so they saw adverts that led to the gang being paid.
Many machines still harbour the gang’s malicious code.
Global clean up
Since the computers were seized the FBI has kept them going with the help of Californian company ISC.
Over the last few months, the FBI has worked with many ISPs and security firms to alert victims to the fact that their PC was infected with DNS Changer. Online tools are available that let people check if they are infected.
The servers were finally switched off at 1201 EDT (0401 GMT) when the court order the FBI won to keep the computers going expired.
The result could be that people have lost net access because PCs that are still victims of DNS Changer now have nowhere to go when they need to look up the location of a particular domain such as bbc.co.uk.
However, it might take some time for the problems to become apparent, said Sean Sullivan, a security researcher at F-Secure.
“Initially some domains will be cached which will mean web access will be spotty,” he said. “People will be confused about why some things work and some do not.”
Other security experts said the remaining infected machines may harbour the malware for some time to come.
“Reaching victims is a very hard problem, and something we have had issues with for years,” said Johannes Ullrich, a researcher with the SANS security institute. …