The FBI has bad news for the victims of an online advertising scam.
Back in November, the FBI dropped the hammer on a group of international hackers who were running an online advertising scam that allowed them to infect and take control of an estimated 568,000 computers around the world. Exploiting weaknesses in Windows, they were able to redirect infected computers to their own "rogue DNS servers," effectively leading them into a fake internet. The hackers earned an estimated $14 million through the scam, but the more long-term problem is that the victims were also made reliant on the rogue servers for web functionality.
Recognizing the potential for trouble, the FBI called in the Internet Systems Consortium, which set up two clean servers to take the place of the impounded rogue servers. "If we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service," FBI Supervisory Special Agent Tom Grasso told Fox News. "The average user would open up Internet Explorer and get 'page not found' and think the internet is broken."
The servers were initially supposed to be taken offline in March but a federal judge decided that wasn't enough time and ordered that they be kept running until July. Now July is coming and, human nature being what it is, the majority of the infected systems still haven't been cleaned up.
"The full court press is on to get people to address this problem," Grasso added.
Roughly 360,000 systems are still corrupted, according to FBI estimates, including about 85,000 in the U.S. and more than 20,000 each in Italy, England, Germany and India. And while the FBI's tactic in this case is "unusual," the agency said it took the steps it did to avoid the appearance of government intrusion into private systems.
FBI Cyber Division Unit Chief Eric Strom described this sort of thing as "the future of what we will be doing," explaining that as it approaches the end of cases, it will have to start thinking about how to accomplish its goals without making an even bigger mess of things. And in the spirit of not making things worse, the agency is encouraging users to check out the DNS Changer Working Group website, which can detect and clean infected systems, at dcwg.org.