Six Estonians and one Russian have been arrested in connection with a massive botnet that is believed to have raked in more than $14m over the past four years. Operation Ghost Click targeted the botnet with the cooperation of the FBI and Estonian police, with around 4m computers around the world believed to have been infected.
The DNSChanger worked by redirecting people when they searched for iTunes or the US Internal Revenue Service (IRS). Both Windows and Apple machines were vulnerable to the malware, which earned its operators money by giving them fees for sending people to certain sites. For example, someone searching for the Apple iTunes store would be misdirected to another online music store.
It was NASA, somewhat bizarrely, who first noted the existence of the botnet, with a number of the agency’s computers allegedly infected. Anyone who wants to check whether they were affected by the DNSChanger can follow these instructions, which are a little complicated but should do the job.