Thursday, February 23, 2012

Trojan has compromised DNS access for maybe millions of home users, "Clickjack" botnet operation; more on "walled gardens"


Dan Goodin has a story in Ars Technica reporting that about a half million home users have been infected with a botnet Trojan that had usurped their DNS resolution. In March, they will lose normal Internet access unless a judge allows a California non-profit to continue operating a surrogate doman name server, story here

The FBI seized over 100 rogue servers under “operation ghost click”, but the government allowed a temporary bridge to be built to allow infected computers still have Internet access. 

The government may encourage setting up a “walled garden” to which infected machines will be directed.
There’s a tangentially related article in Information Week on Apple’s approach to “walled gardens” with its iPhone, and the idea that it isn’t as secure as it sounds. The author goes on to talking about the advantages of “jailbreaking” anyway, here

A major potential weakness in the DNS system was discovered in 2008, and discussed on my "id security" blog in August 2008.

Update: Feb. 24

A judge has allowed the DNS Bridge to operate until July 9, IT News story here.

The original story of the FBI's "clickjack" botnet takedown appears in Computer World in November 2011, here

No comments: