Internet users warned of big blackout in July

[PhazeDelta1]

TEN thousand Australian internet users are among 4 million worldwide who face a total internet blackout from July 9, thanks to a malicious piece of software that infected their computers without their knowledge.

That is the warning from the Australian Communications and Media Authority, which yesterday issued a statement appealing to internet users to check to see if their computers were infected.

The communications regulator, together with other government agencies, has set up the website dns-ok.gov.au to allow web users to check their computer for the malicious software and remove it if necessary.

The web blackout from July 9 will be enforced by the FBI, which is shutting down several web servers through which infected users' web traffic has been travelling.

Advertisement

It is shutting them down because of an investigation into a sophisticated internet fraud ring that used the servers to manipulate people's web browsing.

The malware changes a user's domain name system (DNS) settings, diverting all web requests through servers that the FBI seized in November, but has been temporarily maintaining to ensure internet services were not disrupted. This maintenance will finish on July 9, meaning computers still infected will face internet troubles.

''It is likely that users infected will be unable to connect to the internet when the temporary DNS solution is switched off,'' the dns-ok.gov.au website states.

Bruce Matthews, manager of the ACMA's e-Security division, said that since November last year, the watchdog had seen more than 10,000 Australian internet users infected with the ''DNSChanger'' malware.

Mr Matthews said the ACMA had worked with Australian internet service providers to try to reduce the number of infected users since.

But the number had been reduced by only a few thousand since November.

He said the way in which users were most commonly infected by the malware included opening malicious attachments in emails and visiting suspect websites through links included in an email.

Paul Ducklin, of the security firm Sophos, said users may have been infected by the malware in the past, and may have removed it, but could still face problems on July 9 if they did not change their DNS settings.

''So it's important to remember that even if your anti-virus gives you a clean bill of health about malware infection, you might nevertheless still be affected by a lingering side-effect of the malware,'' he said.

http://www.theage.com.au/digital-life/c ... 1w172.html


edit:

Forgot to add the link for the DNS checker.

http://www.dcwg.org/detect/