The police of the United States predict that over 100 thousand computers will lose their broadband connection when the Feds pull the plug on servers controlling DNSchanger.
According to the reports, on July 9, the Feds will disable rogue DNS servers seized late in 2011. The FBI believes that by then there will be 100 thousand P?s left in the botnet. One may think that this figure is too large, but it turns out that it’s just 1/3 of the 350,000 to 400,000 people who, according to the FBI, still have the DNSChanger malware on their modems or Windows PCs. Security experts confirm that it is also a fraction of the 4,000,000 users who were infected at the height of the Estonian scam.
Meanwhile, 6 Estonian citizens have been arrested under suspicions of distributing the malware. They are now subject to extradition procedures to face charges in the US. The police gained interim control of the rogue DNS servers, but the Feds expect to take them offline on July 9, after a 4-month court ordered extension of the program expires.
Paul Vixie, the representative of the Internet Systems Consortium, notified AusCERT 2012 attendees that ISPs would have to rush new modems to people who think they might still have the malware present on their devices. The matter is that the scammers scripted the Internet interface and changed the DNS settings in the CPE of the modem, so it is now very difficult to get the modems re-programmed.
In other words, more than 100,000 PCs may lose Internet connection in a couple months. Some subscribers who suspect that they may still have malware in question might want to solve the problem before the 9th of July.
According to the reports, on July 9, the Feds will disable rogue DNS servers seized late in 2011. The FBI believes that by then there will be 100 thousand P?s left in the botnet. One may think that this figure is too large, but it turns out that it’s just 1/3 of the 350,000 to 400,000 people who, according to the FBI, still have the DNSChanger malware on their modems or Windows PCs. Security experts confirm that it is also a fraction of the 4,000,000 users who were infected at the height of the Estonian scam.
Meanwhile, 6 Estonian citizens have been arrested under suspicions of distributing the malware. They are now subject to extradition procedures to face charges in the US. The police gained interim control of the rogue DNS servers, but the Feds expect to take them offline on July 9, after a 4-month court ordered extension of the program expires.
Paul Vixie, the representative of the Internet Systems Consortium, notified AusCERT 2012 attendees that ISPs would have to rush new modems to people who think they might still have the malware present on their devices. The matter is that the scammers scripted the Internet interface and changed the DNS settings in the CPE of the modem, so it is now very difficult to get the modems re-programmed.
In other words, more than 100,000 PCs may lose Internet connection in a couple months. Some subscribers who suspect that they may still have malware in question might want to solve the problem before the 9th of July.
No comments:
Post a Comment