PRC.gov.ph blocked, reported as attack site

Two weeks ago, we reported that Filipino online portal site Yehey.com was blocked by Google and Firefox for being an “attack site.”

Yesterday, I visited the Philippine’s Professional Regulatory Commission’s (PRC) website at www.prc.gov.ph and was greeted by the same warning.

Similar to Yehey.com a few weeks ago, the PRC website is said to have been reported as an attack site.

Attack sites, the warning says, “try to install programs that steal private information, use your computer to attack others, or damage your system.  Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.”

More information was given by Google’s diagnostic page for www.prc.gov.ph.

What is the current listing status for prc.gov.ph?

Site is listed as suspicious – visiting this web site may harm your computer.      Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 69 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-07-19, and the last time suspicious content was found on this site was on 2009-07-14.

Malicious software includes 4 scripting exploit(s), 4 trojan(s), 4 exploit(s).

Malicious software is hosted on 2 domain(s), including gamemaill.com/, f1y.in/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including f1y.in/.

This site was hosted on 1 network(s) including AS9658 (ETPI).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, prc.gov.ph did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

I wonder if the Yehey and PRC sites were simply vulnerable or if they were really targeted just like several South Korean and US websites experiencing a cyber attack in the last few weeks.

In any case, always make sure your PC is protected by the proper software and programs and, as a safety precaution, be careful when visiting suspicious attack sites.

Never install on your PC anything a website automatically asks you to download. Also never click on any link from an email you’re not sure of the origin. Ignorance can lead you to downloading viruses or trojans or other programs that can harm your PC or your network connection.