Malware Attacks Still Pose Serious Threat Even Though DNSChanger Fails to Ignite Major Internet Disruption

By

Just because there were no major Internet outages this week from the DNSChanger virus, other viruses could attack computers in the future.

“Malware gets better, not worse,” warned a recent blog post from Threatpost, a security news service from the Kaspersky Lab. “Rogue DNS schemes like this are not new, attackers continually adapt and improve their tactics as they see how users and law enforcement agencies respond.”

USA Today reported that the most recent and highly publicized DNSChanger malware simply “fizzled.” One report estimated that only 47,000 Americans became disconnected from the Internet this week. This compares to several months ago, when viruses linked to DNSChanger infected four million computers globally. But ongoing attempts were largely successful to clean out many of the infected computers over recent months. In fact, over 90 percent of the computers infected by the virus were cleaned up before Monday, CNN Money said.

Also, in a stern warning, Johannes Ullrich, chief research officer at the SANS Security Institute, told USA Today that, “about 100 times more users are infected by more dangerous, current malware without knowing that they are infected.”

On Monday, the FBI took away a safety net put up in November to protect some 577,000 Windows PCs from DNSChanger. Some 277,000 PCs, including 64,000 in the U.S., are still infected, according to news reports. Most ISPs collaborated with the FBI to avoid breaks in Internet service. Also, many anti-virus products offered solutions to the virus. In addition, an FBI-approved website gave users links to PC checks, as well as instructions on removing the virus. "The DNS settings check isn't that difficult," Dennis Fisher, editor-in-chief of Threatpost.com, said. "Anyone who can navigate through the control panel should be able to do it. It's just a matter of clicking through a few dialogue boxes."

The malware was serious, though. It basically rerouted searches and sent traffic to “rogue” DNS servers and then to websites with ads “controlled” by criminals who operated a scam and earned money for clicks on ads, according to Threatpost. In November, agents arrested six Estonians who operated the fraud ring that generated an estimated $14 million from the multi-year scam.

This week’s malware issue comes just as U.S. Gen. Keith B. Alexander, who heads up the National Security Agency (NSA), warned members of Congress to soon enact a national cyber-security law. He said the law can avoid civil liberty violations – a growing concern.

"This cyber-security legislation coming up is going to be very important to the future of this country," Alexander said during a rare public address which was held at the American Enterprise Institute and released to the public via video. "If the critical infrastructure community is being attacked by something, we need them to tell us – at network speed. … It doesn't require the government to read their mail, or your mail, to do that.”

IP theft is costing U.S. companies $250 billion a year, according to Symantec data. Also, cybercrime is estimated to cost worldwide $114 billion – or $388 billion if downtime is added. In addition, $1 trillion was spent worldwide on remediation. Also, in response to a news reporter’s question, Alexander denied rumors that the NSA’s new data center in Utah would collect e-mails and Web histories from Americans. “We don’t store data on U.S. citizens … That’s baloney. … That’s ludicrous,” he said.




Edited by Brooke Neuman
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

TechZone360 Contributor

SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More