DNSChanger: ISPs see few problems from Internet blackout

@CNNMoneyTech July 9, 2012: 4:41 PM ET
malware-virus-2.ju.top.jpg

NEW YORK (CNNMoney) -- The so-called Internet blackout has come, but fairly few are actually stuck in the dark.

At the tick of midnight on Monday, the Federal Bureau of Investigation shut down Internet servers that were set up as a safety measure in the wake of an online scam involving malware.

As of Sunday night, an estimated 211,000 computers worldwide were still afflicted by the malware known as "DNSChanger," including 42,000 computers in the United States, an FBI spokeswoman told CNNMoney. Those computers were cut off from the Internet Monday morning as the FBI's partners switched off the temporary servers they've been running since November, when the FBI shut down the cybercrime ring behind DNSChanger.

More than 200,000 infected computers is still quite a lot, but it's a dramatic improvement from where things stood just a few months ago.

At the peak, the viruses related to DNSChanger infected 4 million computers around the world. Industry-wide efforts over the past nine months to draw attention to and combat the plague were largely successful. More than 90% of the afflicted machines around the world had been repaired before Monday's deadline hit.

At Comcast (CMCSA), the largest Internet service provider in the United States, the blackout-related call volume from customers on Monday was "miniscule," according to company spokesman Charlie Douglas.

Comcast had been working since January to notify infected customers, using e-mails, phone calls, letters and even browser notifications since January.

Verizon (VZ, Fortune 500) says it too has been working for months to soften the blow.

"Very few Verizon customers have been affected, and we've reached out to all of them through a variety of methods," a company spokeswoman said.

She pointed to a webpage, www.verizon.com/virushelp, designed to help customers detect and repair any DNSChanger-related problems.

The saga began in November, when law enforcement agents arrested six Estonian nationals accused of running an Internet fraud ring that generated an estimated $14 million in illegal gains.

The scam had been running for years, according to the FBI, and involved redirecting Internet traffic and manipulating online advertising. Instead of immediately taking down the rogue servers -- and knocking offline all the computers infected by the malware -- the FBI had the nonprofit Internet Systems Consortium set up temporary servers to keep people connected.

Those servers were originally scheduled to shut down on March, but the government had the deadline extended to July so that more people would have time to check and fix their computers. Facebook (FB) and Google (GOOG, Fortune 500) joined the awareness efforts, notifying users if their computer appeared to be infected.

Security pros say the campaign worked well.

"The impending DNSChanger 'black out' threatens to obscure what has been a highly successful effort -- one of few to date -- to stamp out a global online scam and malware infestation," Paul Roberts noted in Threatpost, a Kaspersky Lab security news site. To top of page

Market indexes are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer Morningstar: © 2014 Morningstar, Inc. All Rights Reserved. Disclaimer The Dow Jones IndexesSM are proprietary to and distributed by Dow Jones & Company, Inc. and have been licensed for use. All content of the Dow Jones IndexesSM © 2014 is proprietary to Dow Jones & Company, Inc. Chicago Mercantile Association. The market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. FactSet Research Systems Inc. 2014. All rights reserved. Most stock quote data provided by BATS.