Share This

Showing posts with label Internet service provider. Show all posts
Showing posts with label Internet service provider. Show all posts

Monday, 11 June 2012

Warning DNSChanger victims, check for malware!

Facebook joins Google in warning DNSChanger victims

Warnings follow decision to withdraw safety net on 9 July


Federal authorities will not seek a further extension to a DNSChanger safety net, meaning an estimated 360,00 security laggards will be unable to use the internet normally unless they clean up their systems before a 9 July deadline.

DNSChanger changed the domain name system (DNS) settings of compromised machines to point surfers to rogue servers – which hijacked web searches and redirected victims to dodgy websites as part of a long-running click-fraud and scareware distribution racket. The FBI dismantled the botnet's command-and-control infrastructure back in November, as part of Operation GhostClick.

In place of the rogue servers, a bank of duplicate machines was set up to resolve internet look-up queries from compromised boxes. This system was established under a court order, which has already been extended twice. The move meant users of compromised machines could use the internet normally – but the safety net by itself did nothing to change the fact that infected machines needed to be cleaned.

At its peak as many four million computers were infected by DNSChanger. An estimated 360,000 machines are still infected and there's no sign that further extending the safety net will do any good, hence a decision to try other tactics while withdrawing the DNS safety net, which has served its purpose of granting businesses with infected machines time to clean up their act.

Last week Facebook joined Google and ISPs in notifying DNSChanger victims‎ that they were surfing the net using a compromised machine.

"The warnings are delivered using a 'DNS Firewall' technology called RPZ (for Response Policy Zones)," Paul Vixie, chairman and founder of Internet Systems Consortium, told El Reg. "This allows infected users (who are using the 'replacement' DNS servers) to hear different responses than uninfected users (who are using 'real' DNS servers). We can control how an infected user reaches certain websites by inserting rules into the RPZ," he added.

More information – along with clean-up advice – can be found on the DNS Changer Working Group website here. ®

 By John Leyden • Get more from this author

 Newscribe : get free news in real time 

PC users urged to check for malware

PETALING JAYA: Come July 10, thousands of computers infected with the DNSChanger malware (malicious software) will be disconnected from the Internet if their users don't take some necessary steps.

The problem is that many PC users may not even know that their computers have been infected.

F-Secure Labs Malaysia security adviser Goh Su Gim explained that the United State Federal Bureau of Investigation (FBI) planned to shut down hacker-controlled servers that had been reprogrammed to prevent infected PCs from being suddenly disconnected, causing support-call chaos.

Security issue: The F-Secure response lab in Kuala Lumpur. The cybersecurity company warns that thousands of infected PCs worldwide may be affected if the DNSChanger malware is not removed by July 10.
 
The servers were temporarily reprogrammed after the arrest of six Estonians believed to have created the malware in November last year.

The servers, located in Estonia and the United States, will be deactivated on July 9 and PCs still infected with DNSChanger will not function normally as they will not be able to access these servers.

For more story in The Star Tue 14, June 2012

Friday, 17 June 2011

Tackling cyber piracy needs careful planning; Hackers mainly locals





Friday Reflections - By B.K. Sidhu


So much has been said and written about the blocking of sites and hacking the past few days.
But one phrase that keeps popping up is “freedom of information.'' The blocking of sites is seen as going against freedom of information even though it is part of the fight against piracy.

Over the past few days some businessmen in the country have received calls from their counterparts abroad asking if Malaysia was indeed coming on strong on censorship of the Internet.

Internet has become such a powerful tool for many people, be it for work, education, play and entertainment. Sending the wrong message can of course trigger a lot of thoughts of safety to stability especially when we as a country need foreign direct investments.

The question here is not about what the Domestic Ministry or Malaysian Communications & Multimedia Commission (MCMC) can or cannot do. It is about why they blocked the sites and why those particular sites.

When it is done without proper explanation, it only creates mayhem and doubts in people's minds. One must remember that a lot of people the world over download stuff for free and anyone who has a broadband connection can assume that free downloads is a given because he is paying for the connection.

Then the question of enforcement comes to play. If you want to fight piracy on the web then fight it on the streets too, why allow pirated DVDs to be sold but sites are blocked.

If there are roadblocks then there should be on both ends or else the question of who we are protecting - the copyright holders or someone else - will arise.

To recap - the telecoms industry regulator, MCMC, ordered ISPs to block 10 file sharing sites at the request of the Domestic Ministry in the name of fighting piracy. These sites are used for file sharing to download music, songs, games, homework, and to do business.

One ISP did as it was told by the regulator but little did they know that they would get so much flak for that action. To explain, it posted the MCMC letter. This letter was meant to be confidential to the ISPs but it landed on the net and was circulated widely.

It did not take much time for the cyber community to retaliate over the blocking of sites and to vent their frustrations they lambasted the Government via the net. To them it was a privacy intrusion and against the MSC Malaysia Bill of Guarantees which states that the Government will not censor the Internet.

So angry were they that a Facebook account - “1M Malaysians Don't Want Block File Sharing Websites'' - was created for people to air their grouses. “What they did was akin to using a mega bomb to kill one terrorist,'' someone said of the blocking of the 10 sites.

The sites were blocked because there was an element of pirated content and according to some experts, this is a lucrative business especially for certain parties as they host the free content but some do charge VPN services to “cloak'' the content.

Ironically, the IP addresses of those sites were from the same place and 40% of IP transit traffic out of Malaysia is said to land there and the blocking action could have hurt someone's rice bowl.

The whole blocking episode and all the grouses caught the eye of hackers who threatened to hack government sites in retaliation.

They did so on Wednesday night and 41 sites were compromised. This is not the first block or hack, and it would not be last in the Internet era. Internet has both good and bad sides. It is up to the policy makers to take heed of what the users want; don't brush them aside as social media has somewhat become an avenue for people to air their grouses.

Today they can block 10, 20 or even 30 sites, but there will be an equal number of proxy sites which will offer free downloads. So while an explanation is needed for the blocking of sites, there also is a need to take Internet users on an educational journey to explain what is legal and illegal, what is piracy and what is downloadable, what is cyber security and how to safeguard.

One cannot assume everyone knows all that.Also, not many are willing to pay for content because there is free content out there.

Without a well thought out plan on how to tackle piracy, any effort will be futile and users will be left frustrated.

Deputy news editor B.K. Sidhu is glued to The World Is Flat.


90% of hackers attacking govt, private websites are locals

PUTRAJAYA: Ninety per cent of the hackers who attacked 200 government and private websites in the past four days were locals, said Science, Technology and Innovation Minister Datuk Seri Dr Maximus Ongkili on Friday.

He said the police and the relevant agencies were now in the process of identifying them. "We have come to know that most of the hackers were locals, not from, abroad," he told a press conference here.

He said this when asked to comment on the group calling itself 'Anonymous', which claimed to be based abroad and threatened the attack the government's official portal, www.malaysia.gov.my.

Maximus said that as the head of the ministry that promoted the safe use of the Internet and handled the infrastructure that dealt with cyber security, he appealed to Malaysians to use the Internet professionally for education and the development of the country.

"Because you cannot go very far when you want to do criminal activities within cyberspace itself," he added.

Asked whether the Cabinet had made any decision to form a special task force to solve this problem, he said he could not confirm that yet. - Bernama

Related Stories:

Hackers, not all hack for the heck of it! Who are the anonymous hackers? Beware of Seduction!

Malaysia Websites hacked but not whacked after threatened; time to build secured websites!

Govt won't filter Net despite attacks, says DPM

DPM: Govt takes serious view of hacker issue

Wednesday, 15 June 2011

Malaysia Websites hacked but not whacked after threatened; time to build secured websites!




 
Warning: The graphic with Anonymous’ threat that was posted online.


Two hackers disrupt 51 Malaysian government Websites, and 40 others

A woman browses the Internet at a cyber cafe in Kuala Lumpur. (File photo)
A woman browses the Internet at a cyber cafe in Kuala Lumpur. (File photo)