The Protect IU Blog

    Seven Charged with Infecting Computers with DNS Changing Software

    Seven Charged with Infecting Computers with DNS Changing Software

    Manhattan U.S. Attorney Charges Seven Individuals for Engineering Sophisticated Internet Fraud Scheme That Infected Millions of Computers Worldwide and Manipulated Internet Advertising Business Malware Secretly Re-Routed More Than 4 Million Computers, Generating at Least $14 Million in Fraudulent Advertising Fees for the Defendants.

    The staff of the University Information Security Office (UISO) were pleased to hear about seven individuals being charged with infected computers with DNS changing malicious software.  For years now, this software would change the DNS settings of Windows computers, Mac computers, and even home routers to redirect web traffic to sites that generate money for the criminals.

    Simply turning off the rogue DNS servers that all of the compromised computers were configured to use would effectively break the Internet, the Internet Systems Consortium set up proper DNS servers in their place.  For the next 120, this group will be collecting information about who is incorrectly configured to use the rogue DNS servers and will be distributing that information to Internet Service Providers, including the University.  These notices have already started to go out to users on the University network.  Any computers that are not rebuilt or fixed by the end of the 120 day period will cease to function properly.

    For more information, you can read the FBI press release, check to see if you IP is on the list, or check out any number of articles written about this topic.

    David Greenberg is a Principal Security Engineer in the University Information Security Office.

    Learn more about protecting: