DNS poisoning the 'thin end of a wedge'
Manipulating the internet's domain-name system (DNS) to reduce the impact of the criminal malware DNSChanger has proved successful. Extending the technique to deal with other matters, however, represents the thin end of a wedge, according to DNS pioneer Dr Paul Vixie.
The FBI said that in 2007, DNSChanger infected 4 million computers worldwide, altering their settings so that they used DNS servers provided by the criminals, who could then redirect users to fraudulent websites.
A subsequent investigation by the FBI and NASA's Office of the Inspector General (NASA-OIG), dubbed "Operation Ghost Click", led to the arrest on 8 November 2011 of six Estonians involved in the malware, although a seventh suspect remains at large. Search warrants were executed simultaneously in Estonia, New York and Chicago, and the rogue DNS servers were seized. Dr Vixie was part of the DNSChanger Working Group that provided replacement "clean" DNS servers, so that infected computers could keep operating until the users could be contacted, including dns-ok.gov.au in Australia.