Virus may threaten access to web

About a quarter-million computer users worldwide are at risk of losing Internet access Monday because of malicious software at the heart of a hacking scam that U.S. authorities shut down last November.

Some blogs and news reports hyped the risk of an outage, warning of a potential "blackout" and describing the Alureon malware as the "Internet Doomsday" virus.

Yet experts said only a tiny fraction of computer users were at risk, and Internet providers would be on call to quickly restore service. They said they considered the threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud.

As of this week, about 245,000 computers worldwide were still infected by Alureon and its brethren, according to computer-security firm Deteque. That included 45,355 computers in the United States.The viruses were designed to redirect Internet traffic through rogue DNS servers controlled by criminals, according to the FBI. DNS servers are computer switchboards that direct Web traffic.

Many of the machines that remain infected are probably not in active use since most victims were notified of the problem, said computer-security expert Johannes Ullrich, who runs the Internet Storm Center, which monitors Web threats.

The United States has charged seven people with orchestrating the worldwide Internet fraud. Six were arrested in Estonia, while the seventh, who was living in Russia, is still at large.