Washington: The so-called Internet doomsday virus with the potential to black out tens of thousands of computers worldwide appeared to pose no major problems Monday in the first hours after a fix expired.
Security firms reported no significant outages linked to the DNS Changer virus, as many Internet service providers have either implemented a fix or contacted customers with steps to clean their computers.
The problem stems from malware known as DNS Changer, which was created by a cybercriminals to redirect Internet traffic by hijacking the domain name systems (DNS) of Web browsers.
The ring behind the DNS Changer was shut down last year by the US Federal Bureau of Investigation (FBI), Estonian police and other law enforcement agencies, after infecting some four million computers worldwide.
Nearly 300,000 computers appeared to be still infected as of June, according to experts monitoring the problem.
On Monday, temporary servers set up by the FBI to direct Internet traffic normally, even for infected computers, were shut down.
But security specialists said most Internet users and providers have had time to work around or fix the problem.
“Many global operators are keeping their DNS Changer victims online, even after FBI stopped. We do not expect much noise about this today,” said Mikko Hypponen, chief research officer at the Finland-based firm F-Secure, in a Twitter message.
Johannes Ullrich of the SANS Security Institute said that for computers running Windows, the computer “may actually revert to the default settings once the DNS server is turned off.”
Additionally, Ullrich said the malware is “old enough where antivirus, if you run any, should have signatures for it.”
Six Estonians and a Russian were charged in Estonia in November with infecting computers, including NASA machines, with the malware as part of an online advertising scam that reaped at least $14 million.
The FBI, as well as Facebook, Google, Internet service providers and security firms have been scrambling to warn users about the problem and direct them to fixes.
Experts said that if a computer is infected, they could still access the Internet by reconfiguring the way they access the domain name system.
Instead of entering an address such as ebay.com, they could use the underlying address, which is a series of numbers, said Marco Preuss of the Russian security firm Kaspersky on the company’s Securelist blog.
“If you know the address of the server you can still use it instead of the name, e.g. 195.122.169.23 is ‘securelist.com’ but this is not easy solution,” he said as reported AFP, a leading French news wire service .
Others with more technical savvy can also reprogram their computer’s network settings, to access public DNS servers such as one operated by Google.
“If you are infected, you can change your DNS entries to the free DNS-Servers from Google: 8.8.8.8 and 8.8.4.4,” said Preuss.
“OpenDNS also offers two: 208.67.222.222 and 208.67.220.220, which we also recommend for additional security features.”
To check whether a computer is infected, users can visit a website run by the group brought in by the FBI:http://www.dcwg.org.
Dear TNT Reader,
At The News Tribe, our mission is to bring you free, independent, and unbiased news and content that keeps you informed and empowered. We are committed to upholding the highest standards of journalism, as we understand that we are a platform for truth.
Apart from independent global news coverage, we also commit our unique focus on the Muslim world. In an age marked by the troubling rise of Islamophobia and widespread misrepresentation of Muslims in Western media, we strive to provide accurate and fair coverage.
But to continue doing so, we need your support. Even a small donation of 1$ can make a big difference. Your contribution will help us maintain the quality of our news and counteract the negative narratives that are so prevalent.
Please consider donating today to ensure we can keep delivering the news that matters. Together, we can make a positive impact on the world, and work towards a more inclusive, informed global society.
Donate Monthly Subscription Annual Subscription