“They’re called ‘servers that lie.’ ”

So begins a copyrighted story by AP (no longer available online). It was reported that a peer-reviewed paper, presented at an internet security event in San Diego, said that there are approximately 68,000 rogue DNS servers functioning on the internet. These are used to direct innocent web traffic to fraudulent web-sites without the user’s knowledge.

According to the Georgia Institute of Technology and Google, computers infected by a virus that changes DNS settings are usually directed correctly to the requested website by the rogue server; however the hackers controlling these malicious DNS servers can send their victims to fraudulent websites at any time. Some of the bogus sites are obvious frauds but some are “stunningly convincing.”

The basic idea of attacks using manipulated DNS results is not new, but apparently the “recent wave” of attacks that modify users DNS settings is new.

Current virus software is reportedly capable of finding and correcting the problem (until the next infection).