FBI could take down Internet for millions on March 8
By Andrew Couts | Digital Trends –
The Federal Bureau of Investigation
may soon be forced to shut down a number of key Domain Name System (DNS) servers,
which would cut Internet access for millions of Web users around the world, reports
BetaBeat.
http://www.betabeat.com/2012/02/15/fbi-could-pull-the-plug-on-millions-of-internet-u
sers-march-8/
The DNS servers were installed by the FBI last year, in an effort to stop the spread of a
piece of malware known as DNSCharger Trojan. But the court order that allowed the set up
of the replacement servers expires on March 8.
In November of last year, authorities arrested six men in Estonia for the creation and
spread of DNSCharger, which reconfigures infected computers’ Internet settings, and
re-routes users to websites that contain malware, or other illegal sites. DNSCharger also
blocks access to websites that might offer solutions for how to rid the computer of its worm,
and often comes bundled with other types of malicious software.
By the time the FBI stepped in, DNSCharger had taken over computers in more than 100
countries, including half-a-million computers in the US alone. To help eradicate the
widespread malware, the FBI replaced infected servers with new, clean servers, which
gave companies and individuals with infected computers time to clean DNSCharger off
their machines.
Unfortunately, DNSCharger is still running on computers “at half of the Fortune 500
companies,” and at “27 out of 55 major government entities,” reports cybersecurity
journalist Brian Krebs.
http://krebsonsecurity.com/2012/02/half-of-fortune-500s-us-govt-still-infected-with-dn
schanger-trojan/
These computers rely on the FBI-installed DNS servers to access the Web. But if the court
order is not extended, the FBI will be legally required to remove the clean servers, which
would cut off the Internet for users still infected with DNSCharger.
Companies or other agencies that are unsure whether their systems are infected with
DNSCharger can get free assistance here.
http://dcwg.org/cleanup.html
And private users can find out if they are infected using instructions provided here.
http://dcwg.org/checkup.html