Sign in. It’s quick, free and it’s up to you.
An account is an optional way to support the work we do. Find out more.
THE SO-CALLED INTERNET doomsday virus with the potential to black out tens of thousands of computers worldwide appeared to pose no major problems todayafter a temporary fix expired.
Security firms reported no significant outages linked to the DNS Changer virus, as many internet service providers have either implemented a fix or contacted customers with steps to clean their computers.
The problem stems from malware known as DNS Changer, which was created by cybercriminals to redirect internet traffic by hijacking the domain name systems (DNS) of Web browsers.
The ring behind the DNS Changer was shut down last year by the US Federal Bureau of Investigation (FBI), Estonian police and other law enforcement agencies, after infecting some four million computers worldwide.
Some 210,000 computers worldwide remained infected as of Sunday, with more than 41,000 of them in the United States, according to a working group monitoring the problem.
On Monday, temporary servers set up by the FBI to direct Internet traffic normally, even for infected computers, were shut down.
But security specialists said most internet users and providers have had time to work around or fix the problem.
“Although it’s not completely over, I think we can count case DNS Changer as a success story, said Mikko Hypponen, chief research officer at the Finland-based firm F-Secure, in a Twitter message.
“Many global operators are keeping their DNS Changer victims online, even after FBI stopped,” he said in a separate tweet.
Johannes Ullrich of the SANS Security Institute said that for computers running Windows, the computer “may actually revert to the default settings once the DNS server is turned off.”
He added, that “if you used the bad DNS server, chances are that various entities tried to notify you. Google for example should have shown you a banner.”
Additionally, Ullrich said the malware is “old enough where antivirus, if you run any, should have signatures for it.”
Six Estonians and a Russian were charged in Estonia in November with infecting computers, including NASA machines, with the malware as part of an online advertising scam that reaped at least $14 million.
Because the virus controlled so much Internet traffic, authorities obtained a court order to allow the FBI to operate replacement servers until 9 July.
The FBI, as well as Facebook, Google, Internet service providers and security firms have been scrambling to warn users about the problem and direct them to fixes.
A DNS Changer Working Group has been monitoring and educating people about the malware, with a website.
FBI spokeswoman Jenny Shearer said the temporary servers were indeed halted and that the agency had no reports of outages.
“I’m not aware of any problems,” she told AFP.
“If members of the public are not able to use their Internet they should contact their Internet service providers.”
The working group website said traffic directed to the servers that were under temporary control “will be monitored by several service providers and security organizations to insure they are not maliciously hijacked.”
Experts said that if a computer is infected, they could still access the Internet by reconfiguring the way they access the domain name system.
Instead of entering an address such as ebay.com, they could use the underlying address, which is a series of numbers, said Marco Preuss of the Russian security firm Kaspersky on the company’s Securelist blog.
“If you know the address of the server you can still use it instead of the name, e.g. 195.122.169.23 is ‘securelist.com’ but this is not an easy solution,” he said.
Others with more technical savvy can also reprogram their computer’s network settings, to access public DNS servers such as one operated by Google.
To embed this post, copy the code below on your site
Only tens of thousands is a miniscule number of the total online computers, this was way way overhyped by the media.
Isn’t everything Jay. Well said.
Ulster bank…….
The security services and security providers claiming success for something that didn’t happen. Go figure…..
Y2K bug anyone?
Is that not the job of security people – to prevent something bad happening? so in some ways it’s fair enough for them to be congratulating themselves. The only thing we don’t know is how real was the threat in the first place. Now that’s an entirely other thing to be sceptical about.
Not at all. This was detected, monitored, stealthily take control of, criminals arrested and due in court – a huge success. What happened yesterday was an official decision taken to ban those who still hadn’t fixed up their computers from accessing the Internet – those who don’t keep their machines updated end up part of a thing called a botnet, which, is generally seen as a bad thing.
What an appropriate acronym for a doomsday virus that didn’t work. DNS in motor racing = Did Not Start
Is it 31.12.99 again?!
The greatest inventions of the 21st century have come from the minds of journalists in honor of the Disney brothers and their creation Fantasyland.
Just for everyone to know, it is worth changing your PC/laptop/tablet/iPhone/other net device to use either Google’s DNS settings, or a service such as OpenDNS.
For those that know how to change their system’s DNS settings….
To use Google’s:
Primary: 8.8.8.8
Secondary: 8.8.4.4
My fave is OpenDNS however:
Primary: 208.67.222.222
Secondary: 208.67.220.220
Test in a browser: http://www.opendns.com/welcome
You should find browsing a little faster too, and if your router uses DHCP and you include these changes to DNS settings, your net device *should* detect and use them.
Any questions, just ask here. ;)
:-) :-(.
,-) :-•
-)(
Has Ireland.com email been affected? The site has been down for unnanounced maintenance since monday evening. This is the second outage in the past few days
have your say