Former DNSChanger addresses out in the wild again
European IP address authority RIPE NCC has reallocated two IP address blocks that were previously used by the DNSChanger malware. The FBI and the Internet Systems Consortium (ISC) had control over the addresses from last November through to mid-July of this year, in accordance with a US court order, as there was concern about a total blackout for private users' manipulated computers. It's much too soon for reallocation, say some members of the DNS Changer Working Group, which has been working with the FBI. Former ISC CEO Barry Greene is at the forefront of the protest. RIPE NCC, on the other hand, believes that the reallocation is a completely normal procedure.
Administrators in the North American Network Operator Group (NANOG) worry that millions of the computers affected by DNSChanger could still be pointing to those new addresses, which would also be a problem for the new owners. Neither network provider Inevo in Romania (former DNSChanger block 22.214.171.124 to 126.96.36.199) nor Aurimas Rapalis in Lithuania (former DNSChanger block 188.8.131.52 to 184.108.40.206) are using the addresses for servers that can be accessed by outside parties at the moment. The companies have not yet said whether they will keep the addresses in their own "quarantine" or how they would handle a potential flood of redirected DNS queries; requests from The H's associates at heise Security for a statement have so far been unanswered.
- US officials say less than 300 phone numbers were investigated in 2012, data thwarted terrorist plotsMon, 2013-06-17 00:42
- Mon, 2013-06-17 00:36
- Mon, 2013-06-17 00:31