DNS Changer

Takedown

One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called “DNS Changer” since that was the name of the software this gang used to infect a half million or so computers. I work for Internet Systems Consortium (ISC), a small non-profit company headquartered in California. ISC is best known for our work on the Domain Name System (DNS) and our DNS software (called BIND), but we have a growing Internet security practice as well. My task that night in New York City was to install two replacement DNS servers supplied and operated by ISC. This was important because the victims of DNS Changer were dependent on the assets that the FBI needed for evidence, and none of us wanted a half a million DNS Changer victims to “go dark.” It was a little (continue reading here) ….