As part of the Operation GhostClick the FBI took over a botnet back in November and as a shim they setup temporary DNS servers to keep DNSChanger Trojan-infected computers running properly. The servers were set to go offline last week but for various reasons, the FBI had to extend the deadline to July 9th. Note that this is a full 9 months after the original take-over last November.
Really 9 months! Personally, I think it comes down to procrastination … and I’m often guilty of this. My guess is that the organizations waited until a week or two before the original deadline and then found that they didn’t have enough time to find and fix the infected machines. Now the date is out to the middle of July. I hope they don’t continue this trend.
The FBI’s DNSChanger deadline extension has been approved by a US Federal Court, buying infected punters more time to clean up their systems.
The move means that machines riddled with the Trojan will still be able to use temporary DNS servers to resolve internet addresses until 9 July. Before the order was granted, infected machines would not have been able to surf the web or handle email properly after 8 March, the previous expiry date of the safety net.
Deployed initially by cyber-crooks, DNSChanger screwed with domain name system (DNS) settings to direct surfers to rogue servers – which hijacked web searches and redirected victims to dodgy websites as part of a long-running click-fraud and scareware distribution scam.
Odds on this this getting extended again? This post’s image is from PCMag.com.