6000 Aussie users caught in DNSChanger shutdown

Powered by SC Magazine
 

Last-minute rush.

The Australian Communications and Media Authority estimates 6000 Australian internet users could face disconnection when US authorities shut down rogue DNS servers on Monday.

Up to four million users are believed to have been infected at the height of the DNSChanger advertising scam, which redirected legitimate searches by computer users to malicious sites via rogue DNS servers located in Chicago and New York.

The FBI has had temporary control of the servers since raiding the Estonian group that allegedly made and distributed the DNSChanger malware, gaining a four-month court ordered extension for the arrangement in March.

However, a purported 250,000 machines — including those at more than ten percent of Fortune 500 companies — are expected to remain infected when the DNS servers are switched off at 2pm AEST on July 9.

Any computer still infected with DNSChanger — and thus trying to route all requests through the rogue servers — will not be able to connect to the internet.

Bruce Matthews, manager for e-security operations at the ACMA, told iTnews that most recent figures estimated 6000 machines remained infected in Australia by the malware.

The number is a drop from the 10,000 it estimated in March, as well as from the 7500 machines estimated a fortnight ago, when the ACMA started a last-ditch effort to identify the remaining infections.

The regulator has worked with ISPs to contact customers, and set up a website allowing subscribers to check if they have been infected, but is yet to completely solve the issue.

"We're hoping that there will be a rapid upsurge in action to deal with those infections before July 9," he said.

"We think there's still time for affected customers to take action — it only takes a second to check your infected."

Telstra has joined some US telcos in implementing a new, temporary redirection for its customers in order to provide more time to solve the malware issue after Monday.

Experts said they considered the DNSChanger threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud.

"It's a very easy one to fix," said Gunter Ollmann, vice president of research for security company Damballa.

"There are plenty of tools available."

However, Internet Systems Consortium founder Paul Vixie — who had participated in the US raid on the data centres — warned the infection had likely hit modems and routers within homes, as well as the computers themselves.

Cases where a modem's DNS settings had changed — believed to affect up to a third of all cases — would prove more difficult to remediate, and could ultimately require ISPs to "truck-roll" new devices to their customers.

With Reuters

Copyright © iTnews.com.au . All rights reserved.


6000 Aussie users caught in DNSChanger shutdown
 
 
 
Top Stories
Change is the only constant at iiNet
iiNet's Matthew Toohey is trialling IBM's Watson - between preparing for an acquisition and making sure Netflix doesn't swamp the network.
 
Why straight-through processing is the holy grail for banks
Big benefits from stripping away human intervention and digitising processes.
 
CBA sued over frozen millions in IT bribery scandal
Eric Pulier's not-for profit lodges lawsuit in US.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
New features are coming to Outlook.com
May 27, 2015
Outlook.com, thanks to its predecessor Hotmail.com, is one of the world's major webmail services ...
Windows 10 to feature integrated apps for Android and iOS
May 27, 2015
Microsoft reveals multi-platform Cortana connectivity for Windows 10. What the heck is that, and ...
Microsoft launches Office for Android preview
May 22, 2015
Microsoft has launched a preview of Office for Android smartphones. Pre-release versions of ...
Microsoft is working on an iOS email chat feature called Flow
May 22, 2015
Microsoft is working on a new chat app, but at the moment we know more about what we DON'T know, ...
Windows 10 free upgrade: Microsoft details who gets what
May 22, 2015
Microsoft was meant to be streamlining its OS with Windows 10, so why is upgrading so confusing? ...
Latest Comments
Polls
Should Optus make a bid for iiNet?

   |   View results
Yes
  44%
 
No
  56%
TOTAL VOTES: 667

Vote