Six Estonian nationals have been arrested and charged with running a sophisticated Internet fraud ring that infected millions of computers worldwide with a virus and enabled the thieves to manipulate the multi-billion-dollar Internet advertising industry. Users of infected machines were unaware that their computers had been compromised—or that the malicious software rendered their machines vulnerable to a host of other viruses.
Computers in more than 100 countries were infected by the “DNSChanger” malware, which redirected searches for Apple’s iTunes store to fake pages pretending to offer Apple software for sale, as well as sending those searching for information on the U.S. Internal Revenue Service to accounting company H&R Block, which allegedly paid those behind the scam a fee for each visitor via a fake internet ad agency. Beginning in 2007, the cyber ring used DNSChanger to infect approximately 4 million computers in more than 100 countries.
Trend Micro, which helped supply information to the FBI on DNS Changer, hailed the law enforcement operation as the "biggest cyber criminal takedown in history." Whilst the rogue DNS servers have been replaced, many may still be infected. Head here to learn about how to check if your system is part of the DNS Changer botnet.