DNSChanger shutdown misses 'internet doomsday'

US authorities have officially cut off servers in New York put in place to direct internet traffic for computers infected with the DNSChanger malware.

Police confiscate servers during a raid in Estonia. Source: Mikko Hyppönen/F-Secure

But concerns around a potential internet blackout for an estimated 211,000 computers still believed to be infected at the time of the shut down were ultimately unfounded.

Approximately 6000 Australian internet subscribers faced a similar fate locally, with the majority sourced to Telstra connections.

"All quiet," said Barry Greene, a security consultant who volunteers with the DNS Changer Working Group, an ad-hoc group of experts who teamed up to help fight the virus and educate the public about eradicating the malware.

The working group was using the number of service calls to internet service providers as a barometer for measuring the impact of the sever shutdowns.

As of Monday afternoon New York time, providers had seen no increase in call volume.

"The outreach campaign has reached everyone humanly possible," Greene said.

Victims of the virus originally required assistance because the virus had changed DNS settings on their PCs or routrs, diverting internet traffic through rogue servers that showed them advertisements. Police shut them down in November.

Infected machines would have been unable to access the web unless they were repaired, so authorities put the backup system in place as a stopgap measure.

That is a tiny fraction of the world's more than one billion Internet users, said Luis Corrons Granel, technical director with the research lab of anti-virus software maker Panda Security.

"[It's] not a big impact," he said.

The number of users who actually lost Internet service was likely far fewer than the 211,000 who accessed the temporary server on Sunday, said Mikko Hypponen, of FSecure.

Some internet service providers — such as AT&T and Time Warner Cable in the US, and Telstra in Australia — had set up their own DNS redirection servers so customers with infected machines could continue to access the internet.

The US has charged seven people with orchestrating the worldwide internet fraud. Six were arrested in Estonia, while the seventh, who was living in Russia, is still at large. Estonia has extradited two of the men to New York, where they appeared in Manhattan federal court.