OTTAWA, April 20, 2012 /CNW/ - The Canadian Internet Registration
Authority (CIRA), in collaboration with Public Safety Canada and the
Canadian Radio-television Telecommunications Commission (CRTC), has
developed an online DNS Checker to screen users' computers for the
DNSChanger malware.
Recently, through Operation Ghost Click, the FBI uncovered an extensive cyber criminal activity, whereas
millions of computers around the world were infected with malicious
software without the knowledge of the user. The malware, called
DNSChanger, affected the Domain Name System (DNS) configuration of the
user's computer system. The DNS is the system that changes domain names
into Internet Protocol (IP) addresses (for example,
cira.ca=192.228.29.1. For more on how the DNS works you can visit http://youtu.be/2ZUxoi7YNgs). The malware infrastructure, which affected over 20,000 Canadian IP
addresses, redirected unsuspecting user's to rogue DNS servers,
allowing the cyber criminals to manipulate the user's web activity.
Because of the complexity and sophistication of this malware, detection
and removal is challenging without the help of an IT security
professional.
Due to its experience in managing the DNS in Canada, CIRA was approached
by Public Safety Canada to assist in developing a tool that allows
Canadian Internet users to detect if their computer is affected by the
DNSChanger malware.
The result of this collaboration with the Canadian Cyber Incident
Response Centre (CCIRC) at Public Safety Canada and the CRTC is the
DNSChanger Malware Checker, located at http://DNS-OK.ca/.
Once the user agrees to the Terms and Conditions, the DNS Checker will
match the DNS Internet Protocol (IP) address employed by the user's
computer against the known Operation Ghost Click IP addresses. When
completed, the user is greeted by either a green banner, which
indicates that their computer is not infected with the malware, or a
red banner, which indicates that their computer system may be infected
with the malware. If the banner is red, the user is encouraged to
consult the Public Safety Canada website that provides further information on detection and removal of the
DNSChanger malware. For more information please visit http://www.publicsafety.gc.ca/prg/em/ccirc/2011/in11-002-eng.aspx.
"This type of initiative really speaks to the collaborative nature of
the Canadian Internet community, and the key role CIRA plays," said
CIRA's president and CEO Byron Holland. "CIRA is committed to providing
Canadian Internet users with a safe, secure and trusted online
experience and this DNS Checker provides an important resource for
Canadians to screen their computer for the DNSChanger malware".
The DNSChanger Malware Checker does not screen for any other virus,
malicious code or malware.
About CIRA
The Canadian Internet Registration Authority is the member-driven
organization that manages Canada's .CA domain name registry, develops
and implements policies that support Canada's Internet community, and
represents the .CA registry internationally.