But, while some users doubtless felt the axe fall – others saw their ISPs step into the breach after the FBI cut off access. Spokesmen for AT&T and Verizon both told PCWorld magazine the companies had stepped in to keep on supplying service – the former through the end of the year, the latter through the end of July – giving infected-computer users yet another break.
Instead of returning home from work Monday to discover they cannot update Facebook or download cute puppy videos, many users of the 41,000 affected US computers will as a result still be able to connect to the Internet for a while longer – another chance to clean up their infected machines.
For cybersecurity experts and the FBI, though, the muted sound is bliss – it means that most of the problem had been cleaned up in advance without a major implosion.
"We've seen a kind of a victory of shared collective intelligence in this case," says Rod Rasmussen, president of Tacoma, Wash.-based Internet Identity, a cybersecurity firm that is part of the law-enforcement-backed DNSChanger Working Group consortium. "A lot has been learned by law enforcement and private companies about how to work together to bring down these criminal enterprises – but also how to remediate the problem over time, rather putting a lot of people in the dark all at once."
It also represents, he and others say, a sign that government and law enforcement – supported by technicians in private industry – are increasingly able to initiate complex international cybercriminal investigations that span international borders.
"There's definitely a trend with government more willing to get involved to fight botnets like the DNSChanger and other malware – in addition to using the legal system to take down servers used by criminals," says Brett Stone-Gross, a senior security researcher with Dell SecureWorks.