DNSChanger Infects 50% of Fortune 500 Companies and More

Technology and services provider Internet Identity (IID) declared that 50% of the entire companies listed in Fortune 500 as well as prominent federal agencies of USA were contaminated with the malevolent program known as DNSChanger. MarketWatch published this dated February 2, 2012.

Significantly, during November 2011, the U.S DOJ (Department of Justice) organized one important shutdown operation of the DNSChanger that during its most active time was loaded onto over 4m Macs and Windows PCs globally, with 25% of them within just USA.

Apparently, DNSChanger alters a computer system's DNS (domain name system), letting fake Web-servers to divert lawful URLs and online searchers. Further, it deactivates software updates and anti-virus programs, making the infected computers vulnerable to malware assaults so data can be accessed from those systems, including e-mails interchanged as well as other information stored thereon.

During an analysis, by security analysts, of DNSChanger, it was found that the malware prevented software updates from getting downloaded, blocked security patches that Microsoft and other vendors might release for fixing vulnerabilities, as well as deactivated security software deployed on the infected systems. But, the analysts indicated that PCs still having the DNSChanger had just weeks by the time when they'd get damaged.

Rod Rasmussen, President and CTO of IID said that at first DNSChanger was extremely troublesome as it could divert an end-user from his destination website onto a cyber-criminal controlled dangerous location. But, FBI tentatively found a solution for that. Currently, there was a different trouble though, i.e. computers, which continued to be contaminated, remained little secured if at all, Rasmussen explained. IStockAnalyst published this on February 2, 2012.

Indeed, FBI's operation, "Ghost Click" has concluded with 6 Estonian nationals getting arrested over manipulation of innumerable DNSChanger contaminated PCs. Alongside these arrests, authorities confiscated many computers, which according to the FBI, were getting utilized like malicious DNS servers. However, rather than simply taking them down, these servers are now tentatively substituted with genuine ones for a 120-day period.

Meanwhile, the DNSChanger Working Group is providing information, free of cost, regarding the way for determining whether or not a network has contracted DNSChanger.

Related article: DNSChanger Trojan on Mac OS X Slows Down Web Browsing

» SPAMfighter News - 2/9/2012