By Claire Connelly, Technology Reporter From:news.com.au July 06, 201211:02AM
This is what could happen to your internet if you don't check your computer for malware. Herald Sun
•Users will be blocked from web Monday due to virus •Hackers rerouted web traffic through DNS servers •FBI seized the servers, will shut them down on Monday •Users still affected won't be able to access the web
MILLIONS of internet users worldwide could be taken offline on Monday by a virus hidden on their computers for more than a year.
The Australian Communications and Media Authority (ACMA) is warning users about a piece of malicious software known as a "Domain Name System Changer" or "DNSChanger" secretly installed by Estonian hackers.
The malware lets the hackers control the DNS – the system which lets users access the internet and send email – for criminal activities including fraud.
US and Estonian authorities have been working on the problem since last November, with the FBI arranging temporary control of the infected servers to let users keep accessing the web.
This temporary arrangement ends at 2.00pm (AEST) on Monday, July 9, when computers hit by the DNSChanger will no longer be able to access internet services, according to the Internet Systems Consortium, the organisation which controls the operations of the web.
The ACMA estimates about 6000 Australians will be affected.
Manager of e-Security at ACMA, Bruce Matthews told news.com.au that though they have been warning people about this since March, it’s likely some people will still be left without internet come Monday.
“We anticipate that many internet users will be confused about why they are unable to use internet services after this date and are likely to contact their ISP to query their lack of availability of internet services,” Mr Matthews said.
To prepare for this, the ACMA along with the Computer Emergency Response Team Australia (CERT) and the Australian Department of Broadband Communications have come up with an easy tool to let you to find out if your computer is infected and give you with tools to remove it.
Simply follow this link for a diagnosis.
The ACMA is also warning internet users to check their wireless routers because the malware may have changed the routers' settings.
If your router is still using the login provided by the manufacturer, it is definitely worth a check.
Compare your routers' DNS settings to the rogue DNS server settings. If your router is using one or more of the DNS settings, it's likely your network is infected.
Instructions for changing the DNS settings will vary depending on the router manufacturer. We hope you've kept the manual handy.
