The DNSChanger virus does exactly what its name describes. It goes by several
other names, such as Win32.Trojan.Nineball, which identifies it as a Trojan
virus. Other names that relate to this Trojan are ‘Doomsday’, ‘Nineball’, and
‘Gumblar’. The virus is five years old, but it still infects hundreds of
thousands of computers today. In the summer of 2012 the news coined the term
‘Doomsday’ because the Federal Bureau of Investigation planned to unplug
servers that were infected with the virus, which could consequently lead to
Internet failure across the United States of America.

The intent of the virus was to change the Internet Protocol (IP) address of the
infected computer’s domain name server (DNS). The creators of this virus had
malicious data centers in Estonia, New York, and Chicago. The DNSChanger would
infect a computer and change its DNS. The newly infected computer’s DNS address
would now match the address of a machine located at the headquarters of the
malicious data center. Once the virus had altered the DNS, the computer would
automatically tell the web browser to open a bogus website also created by the
malicious data center. The bogus website then installs malware on the user’s
computer on the opposite end and steals the user’s confidential information
(Dvorak).
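
A defensive check for the change described above, as an added example that is not part of the original essay: it reads resolv.conf-style text and flags any configured DNS server that falls in a known-rogue range or is not one the network is expected to use. The ranges and the expected resolver are constructed placeholders (RFC 5737 documentation addresses), since the essay does not list the actual rogue addresses.

```python
import ipaddress

# Constructed placeholders (RFC 5737 documentation ranges). The essay does not
# give the real rogue-server ranges; load those from a trusted source instead.
ROGUE_RANGES = [ipaddress.ip_network("198.51.100.0/24"),
                ipaddress.ip_network("203.0.113.0/25")]
# Assumption: the resolver(s) this network is supposed to hand out.
EXPECTED_RESOLVERS = {ipaddress.ip_address("192.0.2.53")}


def parse_nameservers(resolv_conf_text):
    """Return the valid nameserver addresses from resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        # Drop comments, which may start with '#' or ';'.
        fields = line.split("#", 1)[0].split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            try:
                servers.append(ipaddress.ip_address(fields[1]))
            except ValueError:
                continue  # not an IP address; skip the malformed entry
    return servers


def classify(resolv_conf_text):
    """Map each configured resolver to 'rogue', 'expected' or 'unexpected'."""
    verdicts = {}
    for addr in parse_nameservers(resolv_conf_text):
        if any(addr in net for net in ROGUE_RANGES):
            verdicts[str(addr)] = "rogue"        # matches a known-bad range
        elif addr in EXPECTED_RESOLVERS:
            verdicts[str(addr)] = "expected"
        else:
            verdicts[str(addr)] = "unexpected"   # not rogue-listed, but review
    return verdicts


# Constructed sample: resolver settings after a DNS-changing Trojan has run.
SAMPLE = """\
# generated by dhcp client
nameserver 198.51.100.7
nameserver 192.0.2.53
nameserver 203.0.113.200   # outside the /25 placeholder range
nameserver not-an-ip
"""

if __name__ == "__main__":
    for server, verdict in classify(SAMPLE).items():
        print(f"{server:16} {verdict}")
```
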

Next, the damage was expected to be catastrophic because over 500,000 computers
in America and over 4 million computers in other countries could possibly be
infected by the DNSChanger in 2012 (Manhattan U.S. Attorney). The FBI located
the malicious data center in November 2011 and deployed a team to program a
patch to fix the virus. The court ordered the malicious servers to be unplugged
by March 8, 2012. The FBI was still concerned about the remaining infected
computers, so the court ordered all rogue servers to be unplugged no later than
July 9, 2012. When the ‘Doomsday’ date came, only 47,000 known computers were
cut from the infected servers. The owner of a computer that housed the
DNSChanger virus would have to remove it themselves in order to connect back to
the Internet (Albanesius).

The ultimate harm caused by the virus is that the FBI had to work meticulously
to fix the damage of the DNSChanger virus. The climax of this recorded computer
history is that the creators of the DNSChanger virus reeled in several million
dollars from fraudulent advertising fees. The FBI captured six of the seven
Estonian nationals responsible for the ‘Doomsday’ scare and charged them with
five counts of wire and computer intrusion fraud. In the end, each Estonian
defendant faced a maximum penalty of 25 years in prison (Manhattan U.S.
Attorney).

Works Cited

Albanesius, Chloe. "ISPs Report Minimal DNSChanger Impact." PC Magazine (2012):
1. Internet and Personal Computing Abstracts. Web. 30 Jan. 2013.

Dvorak, John C. "DNSChanger Doomsday." PC Magazine (2012): 1. Internet and
Personal Computing Abstracts. Web. 30 Jan. 2013.

"Manhattan U.S. Attorney Charges Seven Individuals for Engineering
Sophisticated Internet Fraud Scheme That Infected Millions of Computers
Worldwide and Manipulated Internet Advertising Business: Malware Secretly
Re-Routed More Than 4 Million Computers, Generating at Least $14 Million in
Fraudulent Advertising Fees for the Defendants." FBI, 09 Nov. 2011. Web. 30
Jan. 2013.
<http://www.fbi.gov/newyork/press-releases/2011/manhattan-u.s.-attorney-charges-seven-individuals-for-engineering-sophisticated-internet-fraud-scheme-that-infected-millions-of-computers-worldwide-and-manipulated-internet-advertising-business>.