Home > Hardware > Malware Turns 0.5 M Telstra Users To ‘Zombies’?

Malware Turns 0.5 M Telstra Users To ‘Zombies’?

Click to enlarge

That’s according to Telstra Internet and broadband domain boss, Barrie Hall, who revealed recent tests to prevent botnets on BigPond network could prevent a mass number being infected with malware, which could turn their PCs into a zombie army.

The tests, which were successful, involved using Domain Name System poisoning, often used by cyber criminals, and Nominum Network Protection System (NPS) to detect malware amongst its customer network, Hall told Internet Industry Association’s (IIA) iCode Forum yesterday, reports CIO.

Telstra’s tests used Nominum systems to get a hold of domain names usually used by botnets to communicate with their mother ships. Hall and his team tested 1 million BigPond IP addresses and found 5.4% (or 54,000) had signs of being infected by a botnet, which is a group of infected or compromised PCs.

This means, overall, up to half a million Telstra broadband customers could “potentially” be infected with malicious software, he said. The tests excluded mobile broadband services.

Across Australia generally, the botnet infection rate is around 10% for fixed line and is lower, 5%, for wireless services.

That means one in ten of us have some infection or malware on our PCs. Scary.

But this seemingly alarming number is low compared to some other countries, including the US where it can reach 10% infection rate and Thailand which can hit an astonishing 40%.

So why does Australia have such a low botnet rate compared our friends abroad?

Most of our internet is accessed via gateways and routers, which often has a level of inbuilt level of protection compared to older systems, Hall said.

However, some might say using DSN poisoning in tests is not a great idea, he admits “a lot of my colleagues would say that mucking with DNS is evil.”

“We’re at war,” with these malicious attacks and the harm that could result, Hall warned.

However, making consumers aware of the problem of malware and what to do about it is also vital, the iCode forum also heard.

This comes as Australian Media and Communication Authority (ACMA) that between 7,000-7,500 internet users in Oz are either infected with DNSChanger orĀ  continue to use the rogue settings.

Read: Malware Alert! ‘Thousands’ Face Web Blackout

The Authority also warns that D-day is coming for computers infected with the DNSChanger malware, which changes a user’s Domain Name System (DNS) settings, enabling cybercriminals to direct unsuspecting web users to fraudulent websites and interfere with their web browsing.

Computers that remain infected after 9 July will have” severely crippled internet access”, so Aussies should check their PC’s now, ACMA said in a statement.

You should also check that computer’s settings for accessing the internet are not the ‘rogue’ settings installed by DNSChanger.

Even if you have removed DNSChanger malware, it is possible your computer is still using rogue settings.

Check here if your PC is infected.