US authorities with support from Antivirus maker Trend Micro, has charged seven people with spreading software to hijack almost 4 million computers worldwide.
Six of them are Estonians, who have been arrested, while the seventh, a Russian, is still at large.
These cyber criminals created a software called a DNSChanger, which redirected people from advertisements to steal ad revenue from the companies that placed the ads on the site and have allegedly scammed up to $14m to date.
The FBI busted up the alleged international cyber ring after a two-year investigation called Operation Ghost Click.
"The global reach of these cyber thieves demonstrates that the criminal world is… flat," said Janice Fedarcyk, the FBI Assistant Director in charge of the New York field office. "The Internet is pervasive because it is such a useful tool, but it is a tool that can be exploited by those with bad intentions and a little know-how."
If you are worried that you might have been a victim of this criminal activity, the FBI have made an online tool available which will allow you to check if your DNS server settings have been tampered with.
First you will need to discover what your current DNS server settings are:
Click the Start menu by clicking the Start button or the Windows icon in the lower left of your screen, in the Search box type “cmd” and hit return. This should open a black window with white text. In this window type “ipconfig /all” and hit return. Look for the entry that reads “DNS Servers” and note down the numeric addresses that are listed there.
On a Mac (yes they can be victims too), click on the Apple icon in the top left of your screen and select “System Preferences“, from the Preferences panel select the “Network” icon. Once this window opens, select the currently active network connection on the left column and over on the right select the DNS tab. note down the addresses of the DNS servers that your computer is configured to use.
You can check to see if these addresses correspond to servers used by the criminals behind Operation Ghost Click by using this online tool provided by the FBI, simply enter the IP addresses, one by one and click the “check ip” button.
If you feel that you computer may have been infected, you can visit Trend Micro’s HouseCall for a free scan and clean-up and notify the FBI by submitting this form.
You should also contact your Internet Service Provider for advice on restoring your legitimate DNS settings.
Ongoing updates on this threat can be found on our Operation Ghost Click landing page.
For all our readers, we believe this is pretty important.
Leave us your comments…