PLEASE READ CAREFULLY AS THIS MAY HAVE DIRECT CONSEQUENCES FOR YOU...
DNS Changer Advisory
About DNSChanger Malware
The Domain Name System (DNS) works like a telephone book for the internet, changing domain names into numerical Internet Protocol (IP) addresses. When you enter a domain name (such as 'www.staysmartonline.gov.au') into your web browser, the computer contacts the DNS servers to find the IP address that corresponds to the domain name (for example, 172.16.254.1).
Your computer then uses this IP address to connect to the website you are looking for. The DNS servers you use are usually operated by your Internet Service Provider (ISP) and form part of the network which connects your computer to the internet. Without the DNS and DNS servers, you would not be able to access websites, send e-mail, or use many other internet services.
Criminals have learned that if they can control DNS servers, they can control which sites a user connects to on the internet. By controlling a user's DNS, a criminal can cause an internet user to unknowingly access fraudulent or malicious content, or otherwise interfere with a user's web browsing.
One way criminals do this is by infecting computers with a type of malicious software (malware) called DNSChanger. The DNSChanger malware replaces a user's DNS settings with settings that connect to 'rogue' DNS servers.
In November 2011, the FBI closed down a ring of cyber criminals who are believed to have been responsible for the worldwide spread of DNSChanger. An estimated four million users were affected worldwide. The FBI worked with the Internet Systems Consortium (ISC) to set up and operate a correct, temporary DNS solution so that these users would not lose their internet access when the malicious DNS servers were taken down.
This temporary DNS solution gives users infected with DNSChanger the opportunity to remove the infection before the temporary solution is switched off on 9 July 2012. After this date, it is likely that users infected by DNSChanger will not be able to connect to the internet.
What DNSChanger does to your computer?
DNSChanger alters your computer's DNS settings to replace your 'default' DNS settings with settings that connect to the rogue DNS servers. DNSChanger also attempts to access devices on your network such as your router and change their DNS settings so that they connect to the rogue DNS servers.
This means that all the computers on your network can be affected by DNSChanger, even if they are not directly infected with the malware.
Am I infected?
The Australian Communications and Media Authority (ACMA), CERT Australia and the Department of Broadband, Communications and the Digital Economy (DBCDE) have established a diagnostic website at dns-ok.gov.au that, in most cases, can be used to confirm whether your computer has been infected with DNSChanger. This website also provides links to tools, provided by anti-malware companies, that can be used to remove the infection and gives advice about the steps to follow to remove the infection.
Checking your computer
To perform a manual diagnosis, you will need to check the computer's DNS settings and the settings of any wireless access point or routers you may be using. The FBI provides the following instruction (PDF) for checking the DNS settings on a range of operating systems. You may also wish to seek advice from a computer professional to assist you in diagnosing and removing DNSChanger. For further info please visit: www.acma.gov.au.
“Sometimes it’s the progressive small companies that will bend over backward to create a solution that fits.
That was definitely the case with W3. They’re amazing.”
- MG, North
“W3 Networks are Western Sydney’s best kept secret. When I called to sign up, you had me up and
running the next day. That never happens! Thanks mates.”
- SW, Liverpool
“Our business values local suppliers. Working with W3 is easy. They’ve been in the community since 2007
and like many local suppliers, they’re the best!”
- MT, Parramatta