[SGVLUG] interesting DNS server redirect story
matti
mathew_2000 at yahoo.com
Fri Apr 20 19:49:12 PDT 2012
Hi,
Wow, this is actually an interesting story:
Summary - Hijackers compromise windows systems, redirecting them to rogue DNS
servers, and substituting ads ( and who knows what else ) in the legitimate websites
and generate $$ from those ads.
Authorities counter:
Paul Vixie installed clean DNS servers to take place of Rogue DNS Servers after authorities
dismantled hijacker ring
( yes, this is why DNSSEC is good idea ;)
"Hundreds of thousands may lose Internet in July"
http://news.yahoo.com/hundreds-thousands-may-lose-internet-july-181324701--finance.html
..
Hackers infected a network of probably more than 570,000 computers worldwide. They took advantage of vulnerabilities in the Microsoft Windows operating system to install malicious software on the victim computers. This turned off antivirus updates and changed the way the computers reconcile website addresses behind the scenes on the Internet's domain name system.
The DNS system is a network of servers that translates a web address — such as www.ap.org — into the numerical addresses that computers use. Victim computers were reprogrammed to use rogue DNS servers owned by the attackers. This allowed the attackers to redirect computers to fraudulent versions of any website.
The hackers earned profits from advertisements that appeared on websites that victims were tricked into visiting. The scam netted the hackers at least $14 million, according to the FBI. It also made thousands of computers reliant on the rogue servers for their Internet browsing.
When the FBI and others arrested six Estonians last November, the agency replaced the rogue servers with Vixie's clean ones. Installing and running the two substitute servers for eight months is costing the federal government about $87,000.
..
thanks
matti
More information about the SGVLUG
mailing list