Feds Try To Avert Internet Disruption for 400,000 Users
The Justice Department is racing to stop the courts from taking off life support hundreds of thousands of compromised computers that are temporarily hooked up to a safe server, and could otherwise lose Internet access.
Last year, as part of a crackdown on a ginormous "botnet," the agency obtained a court order allowing legitimate, safe servers to stand in until March 8 for rogue servers. The malicious servers, set up by Baltic cybercriminals, had been rerouting unwitting computer users, or bots, to fraudulent websites.
The scheme worked by infecting millions of Internet users with a virus, DNSChanger, that targeted the Domain Name System, a service similar to a phone directory for the Internet. DNS translates website names, like Google.com, into numerical addresses that computers need for direction. By changing the DNS settings on corrupted computers, the virus, in coordination with the rogue servers, would point victims to the wrong Web addresses.
The legitimate servers were intended as a bandaid fix, to give Internet service providers and their customers time to patch the malware and go back to normal Web surfing.
But more than 400,000 victimized individuals at government agencies, businesses and households worldwide are still relying on those servers for Internet connectivity, according to Justice officials. And, as of now, the group running the safe servers, the Internet Systems Consortium, must stop operating in less than two weeks.
So Justice has filed a request with the court to let the consortium continue running the servers until July 9.
"Several hundred thousand computers continue to rely on the replacement DNS servers to access websites. Extending the operation of the replacement DNS servers will provide additional time for victims to remove the malware from their computers, thereby enabling them to reach websites without relying on the replacement DNS servers," wrote James J. Pastore Jr., assistant U.S. attorney for the southern district of New York.
Justice officials this week asked the court to bypass normal procedures that require at least a two-week wait, so that the decision is made before shutdown time, according to district court documents.