Network Security, Security Strategy, Plan, Budget

Canadian government helping erase DNSChanger infection

Two months before "internet doomsday," the Canadian Government has made a website available to help the public check for infection. The Canadian Internet Registry Authority publicly launched a site (https://www.dns-ok.ca/) to check for DNSChanger infection in mid-April.

DNSChanger infects computers with malware that redirected Domain Name System requests to a series of criminally operated DNS servers. These servers then misdirected computers to illegitimate and malicious websites.

The Estonian criminals behind DNSChanger were arrested in September, and the DNS servers were replaced with legitimate ones so that those still infected would be safe.

However, the legitimate DNS servers will be disabled on July 9, meaning that the 350,000 computers still infected with the malware will be unable to reach the internet.

The Canadian Government asked CIRA (a member-driven organization that manages the .CA registry) to develop the site in February. The date that the DNS would be suspended was pushed back from spring to summer after too many infected computers were identified.

"At the outset, there was an expectation by a number of governments that this malware would be cleared off computers – not only around Canada but around the world," said CIRA spokesperson Tanya O'Callaghan.

CIRA conducted a 'soft launch' of the site with ISPs after the government requested it to be built in February. April represents a wider public launch to raise awareness about the issue.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.