TRA publishes guidelines to detect and fix DNS Changer Malware

Dubai: The Telecommunications Regulatory Authority (TRA) continued its efforts to ensure a safe cyber space for users in the United Arab Emirates (UAE), and monitors cyber threats that might threaten users in the country in an effort to protect and guide them from falling prey to hackers.

The authority has published on the webpage of the UAE Computer Emergency Response Team (aeCERT), a TRA initiative, information on the Malware Domain Name System (DNS) Changer that might resulted in the loss of connection to the internet on the 9th July 2012 for users with infected PCs. The DNS Changer has infected hundreds of thousands of PCs all around the world.

The TRA has informed all of its constituents regarding the incident by issuing an advisory that highlights the works of the malware and the remediation guidelines. According to the feeds the infections in the UAE were relatively small compared to other countries; however, in order to provide the highest levels of security to users, the TRA advises all users to follow the guidelines posted on aeCERT website that will enable them to detect, and fix their PCs in case of infection.

The DNS Changer malware functions by achieving full control of the user’s DNS server and then controlling what sites the user connects to on the internet. Through this type of control they also can direct the user to fraudulent or phishing websites that would eventually lead to the ability of hackers to steal important information from the user’s PC. Redirecting the user by hackers is carried out by creating a server called a Rogue DNS giving users fake answers, alters their search, and redirects their search to malicious websites.

The aeCERT noted that in order to detect this malware, it is highly recommended to check the DNS Server settings on the computer, and scan machines with up-to-date antivirus tools in order to find and remove the malware.