Thanks Nischyan for locating the js file!
I had a preliminary look, and it is not a 'general ad injector' - it
injects ads only into Mediawiki rendered pages (looks for #mw-panel
div), so I suppose this could be called a malware targeted at
Wikipedia.
I'm unsure of how we can proceed - perhaps contact amazon and see if
we can take down the cloudfront setup used to serve the ads? But I
think that's us entering into a cat and mouse game with malware
authors...
On Tue, May 8, 2012 at 5:49 PM, Nischay Nahata <nischayn22(a)gmail.com> wrote:
Hi,
I finally got hold of the source that caused this problem. There is an
extension called "I Want This" in chrome which does this evil work.
As per my investigation, this extension is not installed by the user. Maybe
we should notify Google that extensions are been installed without
permissions.
I have attached the JS file that causes this ad injection and also the HTML
code that is been injected. Also note that this extension not only shows ads
from Inkfruit or Jabong but RedBus.in also.
On Mon, May 7, 2012 at 11:33 PM, Philippe Beaudette <philippe(a)wikimedia.org>
wrote:
I've been trying to get a copy of that source for months, so please send
it my way as well. :)
___________________
Philippe Beaudette
Director, Community Advocacy
Wikimedia Foundation, Inc.
415-839-6885, x 6643
philippe(a)wikimedia.org
--
With Regards
Nischay Nahata
B.tech 3rd year
Department of Information Technology
NITK,Surathkal
_______________________________________________
Wikimediaindia-l mailing list
Wikimediaindia-l(a)lists.wikimedia.org
To unsubscribe from the list / change mailing preferences visit
https://lists.wikimedia.org/mailman/listinfo/wikimediaindia-l