About a quarter-million computer users around the world are at risk of losing Internet access on Monday (9th of July 2012) because of malicious software at the heart of a hacking scam that US authorities shut down last November.
Some
blogs and news reports hyped the risk of an outage, warning of a potential
"blackout" and describing the Alureon malware as the "Internet
Doomsday" virus.
Yet
experts said only a tiny fraction of computer users were at risk, and Internet
providers would be on call to quickly restore service. They said they
considered the threat to be small compared with more-prevalent viruses such as
Zeus and SpyEye, which infect millions of PCs and are used to commit financial
fraud.
As
of this week, about 245,000 computers worldwide were still infected by Alureon
and its brethren, according to security firm Deteque. That included 45,355
computers in the United
States.
The
viruses were designed to redirect Internet traffic through rogue DNS servers
controlled by criminals, according to the FBI. DNS servers are computer
switchboards that direct Web traffic.
When
authorities took down the rogue servers, a federal judge in New York ordered that temporary servers be
kept in place while the victims' machines were repaired. The temporary servers
will shut down at 12:01 a.m. EDT (0401 GMT) on Monday, which means the infected
PCs that have not been fixed will no longer be able to connect to the Internet.
Some
US Internet providers, including AT&T Inc and Time Warner Cable ,
have made temporary arrangements so that their customers will be able to access
the Internet using the address of the rogue DNS servers.
Information
on how to identify and clean up infections can be found on a website that a
group of security firms and other experts set up: http://www.dcwg.org.
"It's
a very easy one to fix," said Gunter Ollmann, vice president of research
for security company Damballa. "There are plenty of tools available."
Many
of the machines that remain infected are probably not in active use since most
victims were notified of the problem, said security expert Johannes Ullrich,
who runs the Internet Storm Center, which monitors Web threats.
The
United States
has charged seven people for orchestrating the worldwide Internet fraud. Six
were arrested in Estonia,
while the seventh, who was living in Russia, is still at large. Tallinn has so far extradited two of the men to New York where they appeared in Manhattan federal court.
The
case is USA
v. Tsastsin et al, U.S. District Court for the Southern District of New York,
No. 11-cr-878.
No comments:
Post a Comment