Sunday, July 8, 2012

Malacañang warns IT sector vs July 9 malware 'threat'

Malacañang said Saturday it has updated its defenses against cyber-threats, including one that can potentially disconnect them from the Internet starting July 9.

Presidential spokesman Edwin Lacierda said their IT department has discussed the malware threat and adopted precautions against it, even as he urged the IT sector to be on the alert.

“That’s why the IT department should be updated ang defenses against virus. Marami tayong makukuhang mga Trojans, ang daming virus na kumakalat sa Internet (There are so many Trojans and threats out there). That’s why IT should be on the alert,” he said on government-run dzRB radio.

He was referring to the "DNS Changer" malware, which may have remained on many computers worldwide after they were planted by a cyber-criminal gang that has since been busted.

While US authorities have set up a temporary fix to allow the infected computers to continue accessing the Net, they are to pull the plug on that temporary fix on July 9.

Facebook said last June it will notify people whose machines are likely infected, and give them directions on how to get rid of the malware.

Facebook said that when DNSChanger malware infects a computer, it performs malicious actions, the most serious of which is DNS manipulation.

DNS (Domain Name System) is a core Internet technology used to convert human readable domain names into an IP address such as, which a computer understands.

The DNSChanger malware, launched by cybercriminals last year, in effect tells the infected computer to use a DNS server owned by criminals.

"The criminals use this rogue DNS server to direct your computer to malicious, instead of legitimate, websites," Facebook said.

Infected computers can manipulate search results, display advertisements for fake or malicious products, and direct victims to malicious websites, it added.

Malware checks

Facebook users who are concerned their computer or network might be infected with DNSChanger malware can easily check by visiting the DNSChanger Working Group's Detection Page.

Earlier this year, Facebook joined the clean up effort by participating in [ DNSChanger Working Group], which is comprised of computer security experts from the public, private, and academic sectors.

"As a result of our work with the group, Facebook is now able to notify users likely infected with DNSChanger malware and direct them to instructions on how to clean their computer or networks," Facebook said.

More tips

In the Philippines, the Philippine Long Distance and Telephone Co. and Smart Communications gave more tips to check if their systems are infected. — TJD