6000 Aussie users caught in DNSChanger shutdown

Powered by SC Magazine
 

Last-minute rush.

The Australian Communications and Media Authority estimates 6000 Australian internet users could face disconnection when US authorities shut down rogue DNS servers on Monday.

Up to four million users are believed to have been infected at the height of the DNSChanger advertising scam, which redirected legitimate searches by computer users to malicious sites via rogue DNS servers located in Chicago and New York.

The FBI has had temporary control of the servers since raiding the Estonian group that allegedly made and distributed the DNSChanger malware, gaining a four-month court ordered extension for the arrangement in March.

However, a purported 250,000 machines — including those at more than ten percent of Fortune 500 companies — are expected to remain infected when the DNS servers are switched off at 2pm AEST on July 9.

Any computer still infected with DNSChanger — and thus trying to route all requests through the rogue servers — will not be able to connect to the internet.

Bruce Matthews, manager for e-security operations at the ACMA, told iTnews that most recent figures estimated 6000 machines remained infected in Australia by the malware.

The number is a drop from the 10,000 it estimated in March, as well as from the 7500 machines estimated a fortnight ago, when the ACMA started a last-ditch effort to identify the remaining infections.

The regulator has worked with ISPs to contact customers, and set up a website allowing subscribers to check if they have been infected, but is yet to completely solve the issue.

"We're hoping that there will be a rapid upsurge in action to deal with those infections before July 9," he said.

"We think there's still time for affected customers to take action — it only takes a second to check your infected."

Telstra has joined some US telcos in implementing a new, temporary redirection for its customers in order to provide more time to solve the malware issue after Monday.

Experts said they considered the DNSChanger threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud.

"It's a very easy one to fix," said Gunter Ollmann, vice president of research for security company Damballa.

"There are plenty of tools available."

However, Internet Systems Consortium founder Paul Vixie — who had participated in the US raid on the data centres — warned the infection had likely hit modems and routers within homes, as well as the computers themselves.

Cases where a modem's DNS settings had changed — believed to affect up to a third of all cases — would prove more difficult to remediate, and could ultimately require ISPs to "truck-roll" new devices to their customers.

With Reuters

Copyright © iTnews.com.au . All rights reserved.


6000 Aussie users caught in DNSChanger shutdown
 
 
 
Top Stories
Photos: Microsoft's new Surface 3 tablet
Microsoft has pared down the specs in favour of portability.
 
Is your lawyer smarter than IBM's Watson?
Sparke Helmore CIO Peter Campbell expects machine learning to take a chunk out of law firm profits. But he’s far from downcast.
 
Australia passes data retention into law
Mammoth last-ditch effort by Greens, indies knocked back.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Xero now includes an inventory function built-in
Mar 26, 2015
Xero has added inventory and other major new features to the latest release of its cloud ...
Apple reveals its new MacBook
Mar 13, 2015
Replacing the MacBook Air as Apple's thinnest laptop, the new MacBook comes packed with features.
Xero has released a new version of its app for the iPad
Mar 6, 2015
iPad-wielding Xero users can now take advantage of a new version of the iOS app for the cloud ...
Microsoft is offering Azure for Disaster Recovery to Australian SMBs
Feb 10, 2015
If you haven't talked to your IT provider about disaster recovery, it might be worth discussing ...
The 2015 Xero Roadshow is on: here are the locations and dates
Feb 6, 2015
The 2015 Xero Roadshow kicked off this week - see where you can attend at locations around ...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  9%
 
No
  91%
TOTAL VOTES: 1414

Vote