Malware Turns 0.5 M Telstra Users To 'Zombies'?
By Oonagh Reidy | Thursday | 14/06/2012
They will if malware threat becomes a reality.
That's according to Telstra Internet and broadband domain boss, Barrie Hall, who revealed recent tests to prevent botnets on BigPond network could prevent a mass number being infected with malware, which could turn their PCs into a zombie army.
Click to enlarge
The tests, which were successful, involved using Domain Name System poisoning, often used by cyber criminals, and Nominum Network Protection System (NPS) to detect malware amongst its customer network, Hall told Internet Industry Association's (IIA) iCode Forum yesterday, reports CIO.
Telstra's tests used Nominum systems to get a hold of domain names usually used by botnets to communicate with their mother ships. Hall and his team tested 1 million BigPond IP addresses and found 5.4% (or 54,000) had signs of being infected by a botnet, which is a group of infected or compromised PCs.
This means, overall, up to half a million Telstra broadband customers could "potentially" be infected with malicious software, he said. The tests excluded mobile broadband services.
Across Australia generally, the botnet infection rate is around 10% for fixed line and is lower, 5%, for wireless services.
That means one in ten of us have some infection or malware on our PCs. Scary.
But this seemingly alarming number is low compared to some other countries, including the US where it can reach 10% infection rate and Thailand which can hit an astonishing 40%.
So why does Australia have such a low botnet rate compared our friends abroad?
Most of our internet is accessed via gateways and routers, which often has a level of inbuilt level of protection compared to older systems, Hall said.
|However, some might say using DSN poisoning in tests is not a great idea, he admits "a lot of my colleagues would say that mucking with DNS is evil." |
"We're at war," with these malicious attacks and the harm that could result, Hall warned.
However, making consumers aware of the problem of malware and what to do about it is also vital, the iCode forum also heard.
This comes as Australian Media and Communication Authority (ACMA) that between 7,000-7,500 internet users in Oz are either infected with DNSChanger or continue to use the rogue settings.
Read: Malware Alert! 'Thousands' Face Web Blackout
The Authority also warns that D-day is coming for computers infected with the DNSChanger malware, which changes a user's Domain Name System (DNS) settings, enabling cybercriminals to direct unsuspecting web users to fraudulent websites and interfere with their web browsing.
Computers that remain infected after 9 July will have" severely crippled internet access", so Aussies should check their PC's now, ACMA said in a statement.
You should also check that computer's settings for accessing the internet are not the 'rogue' settings installed by DNSChanger.
Even if you have removed DNSChanger malware, it is possible your computer is still using rogue settings.
Check here if your PC is infected.
Apr/May 2011 issue
reviews the hot new iPhone attach device, the Zeppelin Air. And we look at what's going on in the tablet space...