We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

DNSChanger malware victims may face internet switch off: ACMA

ACMA e-security operations manager: Up to 10,000 Australian internet users must remove malware before 9 July or face internet switch off

The Australian Communications and Media Authority (ACMA) has urged Australian internet users who may be DNSChanger victims to remove the malware from their computers before 9 July or face no internet service when domain name system (DNS) servers maintained by the FBI are switched off.

The ACMA e-security operations manager, Bruce Matthews, told Computerworld Australia that up to 10,000 Australians have devices which are infected with the malware.

According to Matthews, DNSChanger re-routes the affected person's traffic through rogue DNS servers without their knowledge. The malware has been associated with click fraud whereby an unsuspecting user will be redirected from a legitimate website they are browsing to a malicious website.

The six cyber criminals behind the DNSChanger malware were arrested in November 2011 but the Federal Bureau of Investigation (FBI) took control of the rogue DNS servers and replaced them with legitimate servers.

"While the problems associated with DNSChanger have largely been removed, if you don't take action to remove the malware and restore correct DNS settings you won't be able to connect to the internet after 9 July when the servers which are currently being maintained under a court order from the FBI are turned off," Matthews said.

The ACMA, CERT Australia and the Department of Broadband, Communications and the Digital Economy have developed a diagnostic website that will tell users if they have been affected with DNSChanger.

"Given there are a range of variants in the infection, we recommend that once someone has run the tool they go back to the website to test if they are still infected and try another tool," Matthews said.

He added that ACMA was working with internet service providers to help inform their customers that may be infected with the DNSChanger malware so that most of the infected internet users will have got rid of the malware by 9 July.

Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model