Operation Deadline Extension

March 13, 2012
By

Post to Twitter Post to Facebook Post to Reddit

DNS ChangerAs part of the Operation GhostClick the FBI took over a botnet back in November and as a shim they setup temporary DNS servers to keep DNSChanger Trojan-infected computers running properly. The servers were set to go offline last week but for various reasons, the FBI had to extend the deadline to July 9th. Note that this is a full 9 months after the original take-over last November.

Really 9 months! Personally, I think it comes down to procrastination … and I’m often guilty of this. My guess is that the organizations waited until a week or two before the original deadline and then found that they didn’t have enough time to find and fix the infected machines. Now the date is out to the middle of July. I hope they don’t continue this trend.

via TheRegister.com

The FBI’s DNSChanger deadline extension has been approved by a US Federal Court, buying infected punters more time to clean up their systems.

The move means that machines riddled with the Trojan will still be able to use temporary DNS servers to resolve internet addresses until 9 July. Before the order was granted, infected machines would not have been able to surf the web or handle email properly after 8 March, the previous expiry date of the safety net.

Deployed initially by cyber-crooks, DNSChanger screwed with domain name system (DNS) settings to direct surfers to rogue servers – which hijacked web searches and redirected victims to dodgy websites as part of a long-running click-fraud and scareware distribution scam.

Continued here.

#####

Odds on this this getting extended again? This post’s image is from PCMag.com.

Tags: , ,

13 Responses to Operation Deadline Extension

  1. (@grecs) (@grecs) on March 13, 2012 at 11:08 pm

    Operation Deadline Extension http://t.co/x5y1yBIS Been meaning to write this up. Scares me remaining orgs haven’t fix this yet.

  2. (@grecs) (@grecs) on March 14, 2012 at 12:01 am

    BLOGGED: Operation Deadline Extension http://t.co/x5y1yBIS

  3. (@StefanoBucaioni) (@StefanoBucaioni) on March 14, 2012 at 12:17 am

    Operation Deadline Extension: As part of the Operation GhostClick the FBI took over a botnet back in November … http://t.co/yG6t2oA1

  4. (@Nathiet) (@Nathiet) on March 14, 2012 at 12:31 am

    Operation Deadline Extension – As part of the Operation GhostClick the FBI took over a botnet back in November and a… http://t.co/8mFz0WlW

  5. (@cybfor) (@cybfor) on March 14, 2012 at 2:09 am

    Operation Deadline Extension: [nova#infosecportal.com] As part of the Operation GhostClick the #FBI took over a… http://t.co/HenQSDV3

  6. (@csec) (@csec) on March 14, 2012 at 2:44 am

    Operation Deadline Extension: [nova#infosecportal.com] As part of the Operation GhostClick the #FBI took over a… http://t.co/VnbauY76

  7. (@Nathiet) (@Nathiet) on March 14, 2012 at 10:27 am

    #NoVABlogger Operation Deadline Extension http://t.co/lVBo15Qo

  8. (@grecs) (@grecs) on March 14, 2012 at 1:07 pm

    Also my thoughts on DNSChanger extension .. Operation Deadline Extension http://t.co/x5y1yBIS

  9. (@novainfosec) (@novainfosec) on March 14, 2012 at 1:08 pm

    Also my thoughts on DNSChanger extension .. Operation Deadline Extension http://t.co/VmTPKuVg

  10. (@Nathiet) (@Nathiet) on March 14, 2012 at 3:45 pm

    Blogged: Operation Deadline Extension http://t.co/lVBo15Qo

  11. (@novainfosec) (@novainfosec) on March 14, 2012 at 4:55 pm

    BLOGGED: Operation Deadline Extension http://t.co/VmTPKuVg

  12. (@Nathiet) (@Nathiet) on March 14, 2012 at 6:45 pm

    In Case You Missed It: Operation Deadline Extension http://t.co/Y5KuS6Ts

  13. (@grecs) (@grecs) on March 14, 2012 at 11:22 pm

    Extension 4 DNSChanger infect machines.. Really? It’s now out to 9 months. Check out my recommendation. http://t.co/x5y1yBIS

Leave a Reply

Your email address will not be published. Required fields are marked *


About Us

Founded in 2008, NoVA Infosec is dedicated to the community of Metro DC-based security professionals and whitehat hackers involved in the government and other regulated verticals. Find out more on our About Us page.