Breadcrumbs

[Axel]

Agust asked me to post this :P

Millions of computer users across the world could be blocked off from the Internet as early as March 8 if the FBI follows through with plans to yank a series of servers originally installed to combat corruption.

Last year, authorities in Estonia apprehended six men believed responsible for creating a malicious computer script called the DNSChanger Trojan. Once set loose on the Web, the worm corrupted computers in upwards of 100 countries, including an estimated 500,000 in America alone. The US Federal Bureau of Investigation later stepped up by replacing the rogue Trojan with servers of their own in an attempt to remediate the damage, but the fix was only temporary. Now the FBI is expected to end use of those replacement servers as early as next month and, at that point, the Internet for millions could essentially be over.

When functioning as its creators intended, the DNSChanger Trojan infected computers and redirected users hoping to surf to certain websites to malicious ones. Traditionally, DNS, or Domain Name System, servers translate alphabetical, traditional website URLs to their actual, numeric counterpart in order to guide users across the World Wide Web. Once infected by the DNSChanger Trojan, however, websites entered into Internet browsers were hijacked to malicious servers and, in turn, directed the user to an unintended, fraudulent site.

In coordination with the arrests in Estonia, the FBI shut down the malicious DNSChanger botnet network, and, additionally, replaced them with surrogate servers to correct the problem. Those servers, however, were installed "just long enough for companies and home users to remove DNSChanger malware from their machines," according to the court order that established them. That deadline is March 8, and those surrogate servers are expected to be retired then. At that point, computers still infected with the Trojan will be essentially unable to navigate the Internet.

Who, exactly, will be affected? Security company IID (Internet Identity) believes that half of all Fortune 500 companies and more than two dozen major government entities in the US are still currently infected with the worm as of early 2012. Unless they take the proper steps to eradicate the Trojan from their systems, millions of users worldwide will be left hog-tied, helplessly attempting to navigate to nonexistent servers and, in effect, without the Web.

“At this rate, a lot of users are going to see their Internet break on March 8,” Rod Rasmussen, president and chief technology officer at Internet Identity, cautions Krebs On Security.

Currently, both the computer industry and law enforcement are working together through a coalition they’ve established called the DNSChanger Working Group. That group has been tasked with examining the options in phasing out the surrogate servers set up by the feds, but unless an alternative plan is agreed on, a great port of the Web will go dark next month.

“I’m guessing a lot more people would care at that point,” Rasmussen adds. While infected users are cautioned to correct the problem now, millions internationally are still believed to be infected. “It certainly would be an interesting social experiment if these systems just got cut off,” he adds.

source

[smashapps]

That is definitely something to think about there, thanks for sharing mate.

[Vikhedgehog]

Does the trojan infect computers or ISP's? If its computer then i could just format the harddrive but if its the ISP :(

...

*Goes and downloads the internet*

[comathi]

No single organisation has control over the Internet. Therefore, the FBI cannot shut it down. It could, however, block access to certain computers withing its juridistiction (ie, the USA). As for the rest of the world, it is unlikely they will be affected much, unless other organisations team up to do the same thing.

By principle, if any of them just tried to control the Internet, they could be brought into court. They could never go further than the borders of their own country, unless an agreement is reached with other nations.

[Vikhedgehog]

No single organisation has control over the Internet. Therefore, the FBI cannot shut it down. It could, however, block access to certain computers withing its juridistiction (ie, the USA). As for the rest of the world, it is unlikely they will be affected much, unless other organisations team up to do the same thing.

By principle, if any of them just tried to control the Internet, they could be brought into court. They could never go further than the borders of their own country, unless an agreement is reached with other nations.

If they shut the internet down in the US all awesome websites will be down. I hope minecraft has some backup servers in sweden (to authenticate and be able to play on multiplayer premium servers) :lol:

[comathi]

No, I don't think they would be allowed to shut down the DNS servers. Although all DNS servers for .com websites are located in the US, they do not own them and therefore cannot control them more than any other country.

[Martin]

No, I don't think they would be allowed to shut down the DNS servers. Although all DNS servers for .com websites are located in the US, they do not own them and therefore cannot control them more than any other country.

You said they dont own .com but then why did thepiratbay move to .se so usa could not shut them down?

[comathi]

No, I don't think they would be allowed to shut down the DNS servers. Although all DNS servers for .com websites are located in the US, they do not own them and therefore cannot control them more than any other country.

You said they dont own .com but then why did thepiratbay move to .se so usa could not shut them down?

Because thepiratebay is actually providing illegal content. The FBI would then have sort of a right to shut it down, and the DNS being in the US would just make it easier.

[MrAksel]

I understood it as they have set up some temporary servers in the place of the damaged ones, so they have all the rights they need to remove those. This will affect everyone trying to connect to those servers, but this would have happened some time ago if the temp servers never were used as backup.

[clanc789]

I understood it as they have set up some temporary servers in the place of the damaged ones, so they have all the rights they need to remove those. This will affect everyone trying to connect to those servers, but this would have happened some time ago if the temp servers never were used as backup.

That is 100% what I thought