Tens of thousands could lose their Internet connection Monday with the expiration of a protection program developed by the U.S. government to combat a virus discovered in 2007, experts say.
The virus dubbed DNS Changer was active between 2007 and October 2011.
Cybercriminals – six Estonians and Russian – were indicted last November for spreading the virus, an advertising scam to redirect users to certain sites, which could reach 4 million computers worldwide.
The U.S. federal Burel Of Investigation (FBI) has developed, with judicial authorization, the servers that allow replacement, even to infected machines, to have a normal traffic.
But this warrant expires Monday, exposing cuts to the roughly 300,000 computers still infected.
Of the 300,000 machines that may be affected by the virus, the majority are in the USA (69,000), while others are distributed in a dozen other countries, including France, Italy, Germany, United Kingdom, Canada, India and Australia.
A Queen’s University professor says about 9,000 Canadian computers could be infected and lose Internet service on Monday when the FBI shuts down temporary servers, according to The Province.
The virus, which changes the parameters involving domain names and IP address, blocks the updates of anti-virus systems.
According to security experts, it is difficult to know how many computers involved are still active, but with the help of the FBI as well as Google, Facebook and service providers on the internet, they have developed sites that enable users who may be exposed to test their computers online with sites like dcwg.org (wors for Canadians as well).
The computer protection company McAfee, which is offering a free detection tool at mcafee.com/dnscheck, stressed the need to act before Monday.
“If users’ computers have the wrong DNS settings for the servers, they will not be able to access websites, send email or use internet services,” a McAfee statement said on Thursday.
Google, meanwhile, had indicated in May seeking to prevent 500,000 users using the servers set up by the FBI.
“We’ve notified many people and have seen some clean-up as a result, but we expect others with affected devices will likely encounter problems after the deadline passes,” he told AFP.
One thing is certain, for infected computers still in use, the failure will be total.
“Connectivity will be lost to the internet PERIOD,” said a blog posting from the security firm Symantec.
“If your computer is still using DNS entries that are pointing to the FBI servers on July 9, you will lose TOTAL access to the internet. No connecting to the office from home, no updating Facebook, nothing until the DNS settings are fixed.”