ITWire

Of course we at iTWire are quite sure readers are smarter than to have been afflicted by this malware (any malware!) so this advice is purely to help you assist friends, family and colleagues less intelligent that your selves.

We strongly suggest that you load the ACMA's testing page into any browser available on every computer within your reach. Hopefully, you will see a green message, "You do not appear to be affected by DNSChanger". A Red message is probably bad - note that there are some ISPs and corporate network administrators whose systems are configured in such a way that you will appear to be afflicted. If this is true, your connection will continue to work after July 9th - but it will be difficult to know in advance; it's probably wise to instigate the repair techniques discussed below.

Similar test code has also been added to Facebook and Google to advise affected users that they have a problem. In addition, many ISPs around the world are tracking client behaviour and have advised all affected customers by email and other means.

The problem dates back over a year to when a criminal hacking group infected over 570,000 computers around the world with this malware. The malware modified the DNS configuration of the affected computer to request web page addresses from a hacker controlled server. In addition to assisting a client computer to finding the web server they were seeking, this hacker-controlled server also issued advertising (as a means of payment for the hackers) and potentially other malware.

DNS (or Domain Name Service) is a method to convert human-readable web addresses (eg www.example.com) to computer-friendly addresses (in this case, 192.0.43.10). This is analogous to looking up a person's phone number in the white pages telephone directory - you know their name, but the telephone system requires a number.

The FBI and other police agencies around the world shut down the hackers and their servers, and in their place configured their own servers to manage the DNS functionality for the affected computers. It is this service that is being terminated tomorrow.

In April, iTWire first wrote about the problem, noting that as many as 10,000 Australian computers were affected. Latest estimates place this at 6,000 - most of whom it is assumed will have all service terminated tomorrow.

For the affected computers, it will be MUCH simpler to undertake repairs prior to the service termination than after. Repair options may be found on the DNSChanger Working Group website - just click the blue fix button at the top of the page.

12:01am US EDT is 4:01pm (correction, 2:01pm) Monday Eastern Australian time . Expect a lot of computers to "go dark" at that time.