FBI Takes Out $14M DNS Malware Operation

← Back to Stories (view on slashdot.org)

FBI Takes Out $14M DNS Malware Operation

Posted by samzenpus on Wednesday November 9, 2011 @10:38AM from the take-em-down dept.

coondoggie writes "U.S. law enforcement today said it had smashed what it called a massive, sophisticated Internet fraud scheme that injected malware in more than four million computers in over 100 countries while generating $14 million in illegitimate income. Of the computers infected with malware, at least 500,000 were in the United States, including computers belonging to U.S. government agencies, such as NASA."

8 of 57 comments (clear)

Min score:

Reason:

Sort:

Last Post by Anonymous Coward · 2011-11-09 10:39 · Score: 3, Funny

Posted from one of the bots.
Nice job Feds. Credit when credit is due. by bazmail · 2011-11-09 10:43 · Score: 4, Insightful

Sometimes you just gotta hand it to 'em
1. Re:Nice job Feds. Credit when credit is due. by houstonbofh · 2011-11-09 10:49 · Score: 4, Funny
  
  Sometimes you just gotta hand it to 'em
  Other times, they just take it... :)
4 million? MASSIVE?!? by ackthpt · 2011-11-09 10:57 · Score: 3, Interesting

That's like claiming the interception of one bale of weed at the Mexican Border is a Major Interdiction.
Still, glad they're doing something. Every little bit helps.

--

A feeling of having made the same mistake before: Deja Foobar
Re:Operating systems stats? by Baloroth · 2011-11-09 10:57 · Score: 4, Informative

The FBI info PDF on the malware ( DNSChanger) lists instructions for checking OSX to see if you're infected. It also mentions the malware changes router settings if they are still at defaults. I'm guessing it infects Windows and Mac, with Linux/FreeBSD/Hurd being unaffected as per usual.

--
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
FBI stops DNS poisoning scheme by Compaqt · 2011-11-09 11:01 · Score: 4, Funny

The FBI managed to stop MAFIAA from passing PROTECT-IP?

--
I'm not a lawyer, but I play one on the Internet. Blog
Of course, there are some remaining problems... by Arrogant-Bastard · 2011-11-09 12:14 · Score: 3, Interesting

...because there are now 4 million pre-compromised systems in the field. It's a certainty that they are now all attractive targets for anyone clever enough to detect them and acquire control of them. I think chances are quite good that as you're reading this, more than one person/group is attempting that very thing. They'll probably succeed. And when they do, they'll use yet another C&C mechanism to organize them, harness them, and get on to whatever mischief they choose.

Seen in that context, this announcement is just a PR exercise. It has no real significance.
How to check DNS server settings on OS X by DrProton · 2011-11-09 13:59 · Score: 3, Informative

This is good on Lion and Snow Leopard AFAIK: networksetup -getdnsservers Ethernet Wi-Fi
This command has extensive help: networksetup -help
I use networksetup every day. I have numerous makefile targets that change my network settings based on my location. I'm a a road warrior changing networks frequently and using a VPN and ssh to connect to the corporate network.

--
"Mit der Dummheit kaempfen Goetter selbst vergebens." - Schiller