Sunday, April 22, 2012

Hundreds of thousands may lose Internet in July

When I first saw the headline above on SFGate.com, I, like you probably, thought "huh?"

 

However, trust me, this is legit. According to an AP story by Lolita C. Baldor, there truly is going to be a loss of Internet for roughly 360,000 users worldwide, with 85,000 of those users in the US.

It seems that a while back some Estonian hackers used a Windows vulnerability to plant some malware on victimized computers.  The result was a loss of A/V updates, but the most intriguing result was a complete change in how the machines accessed DNS servers.  For those of you not familiar with DNS, let me explain.

 

When you type a website address into the address bar in your browser, that address is sent to a Domain Name Server (DNS). There the "words" you entered are looked up and converted to a number, which is the actual "address" of the website. Think of it like a phone number. You may tell your smartphone "call home" but it doesn't actually call "H-O-M-E". It looks in the address book and finds the phone number associated with that name. Same basic thing on the Internet.

So, when the Estonian malware hijacked these systems, it told the infected computers to go to a totally different DNS server. This was then used to send the browsers to wherever the criminals wanted.

The reason?  Revenue.  The hackers made money from advertisers on the websites that were visited… oh you know, about $14 million.  Yup, $14 million.

 

The problem is that the FBI found the crooks and shut the operation down. Crime doesn't pay, you know.

However, the Feds were nice enough to create "friendly" servers to replace the rogue DNS system that was set up by the hackers. The cost of those friendly servers is $87,000, though, and they are about to be shut down. That means the infected machines will soon be looking for DNS servers that don't exist.
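
A defender's check for the situation described above, as an added example that is not from the original post or the AP story: it reads a resolver configuration and reports which DNS servers fall inside a list of rogue address ranges, and whether the machine would be left with no working DNS once those servers go away. The resolv.conf-style input, the function names and the address ranges are assumptions; the ranges are documentation placeholders, since the post does not list the real ones.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation blocks), not the real rogue
# DNS ranges: the page does not list them. Substitute the published ones.
ROGUE_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

# Constructed sample of a resolv.conf-style resolver configuration.
SAMPLE_CONFIG = """\
# generated by dhclient (constructed sample)
search example.test
nameserver 192.0.2.53
nameserver 198.51.100.7   # secondary
nameserver not-an-ip
"""

def configured_resolvers(text):
    """Yield the address token of every 'nameserver' line, ignoring comments."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            yield fields[1]

def assess(text, rogue_nets=ROGUE_NETS):
    """Sort resolvers into rogue / clean / invalid and flag total DNS loss."""
    result = {"rogue": [], "clean": [], "invalid": []}
    for token in configured_resolvers(text):
        try:
            addr = ipaddress.ip_address(token.split("%", 1)[0])  # drop IPv6 zone id
        except ValueError:
            result["invalid"].append(token)
            continue
        # An IPv4 address is never "in" an IPv6 network (and vice versa).
        bucket = "rogue" if any(addr in net for net in rogue_nets) else "clean"
        result[bucket].append(str(addr))
    # Every usable resolver is rogue: name lookups stop when those servers go away.
    result["loses_dns"] = bool(result["rogue"]) and not result["clean"]
    return result

if __name__ == "__main__":
    report = assess(SAMPLE_CONFIG)
    for key in ("rogue", "clean", "invalid"):
        print(f"{key:8} {report[key]}")
    print("loses DNS at shutdown:", report["loses_dns"])
```

On Windows the same check applies to the DNS server addresses shown by `ipconfig /all`; only the parsing step differs.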

 

To get all the details, check out the story on SFGate.com.

Oh… Mac users, don't post gloating comments.  I'm sitting here running F-Secure for Mac as our beloved OS shows more and more vulnerabilities.
