Hello,
In order to keep the community informed of threats against Wikimedia projects and users, the Wikimedia Security team has some information to share.
Malware installed via pirated contented downloaded from sites such as the Pirate Bay can cause web browsers compromised by the malware to create a fake donation banner for Wikipedia users. While the actual malware is not installed or distributed via Wikipedia, unaware visitors may be confused or tricked by it's activities.
The malware seeks to trick visitors to Wikipedia by looking like a legitimate Wikipedia banner asking for donations. Once the user clicks on the banner, they are then taken to a portal that leads them to transfer money to a fraudulent bitcoin account that is not controlled by the Foundation.
The current version of this malware is only infecting Microsoft Windows users at the time of this notification. To date, the number of people affected is small. The fraudulent accounts have taken approximately $700 from infected users. However, we strongly encourage all users to use and update their antivirus software.
Additional details and a screenshot of the fake donation banner on can be found at Bleepingcomputer.com. [0]
[0] https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to...
Thanks,
John Bennett
Hi,
I seem to recall some OTRS tickets recently sent warning about it. Should they be forward to any address in particular, in case they keep coming in?
Paulo
John Bennett jbennett@wikimedia.org escreveu no dia quinta, 24/01/2019 à(s) 14:02:
Hello,
In order to keep the community informed of threats against Wikimedia projects and users, the Wikimedia Security team has some information to share.
Malware installed via pirated contented downloaded from sites such as the Pirate Bay can cause web browsers compromised by the malware to create a fake donation banner for Wikipedia users. While the actual malware is not installed or distributed via Wikipedia, unaware visitors may be confused or tricked by it's activities.
The malware seeks to trick visitors to Wikipedia by looking like a legitimate Wikipedia banner asking for donations. Once the user clicks on the banner, they are then taken to a portal that leads them to transfer money to a fraudulent bitcoin account that is not controlled by the Foundation.
The current version of this malware is only infecting Microsoft Windows users at the time of this notification. To date, the number of people affected is small. The fraudulent accounts have taken approximately $700 from infected users. However, we strongly encourage all users to use and update their antivirus software.
Additional details and a screenshot of the fake donation banner on can be found at Bleepingcomputer.com. [0]
[0]
https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to...
Thanks,
John Bennett _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Horrifying!
Is there anything we can do from our side, e.g. include some Javascript which can detect and disable the malware banner?
[[mw:Adamw]]
On Thu, Jan 24, 2019 at 10:11 AM Paulo Santos Perneta < paulosperneta@gmail.com> wrote:
Hi,
I seem to recall some OTRS tickets recently sent warning about it. Should they be forward to any address in particular, in case they keep coming in?
Paulo
John Bennett jbennett@wikimedia.org escreveu no dia quinta, 24/01/2019 à(s) 14:02:
Hello,
In order to keep the community informed of threats against Wikimedia projects and users, the Wikimedia Security team has some information to share.
Malware installed via pirated contented downloaded from sites such as the Pirate Bay can cause web browsers compromised by the malware to create a fake donation banner for Wikipedia users. While the actual malware is not installed or distributed via Wikipedia, unaware visitors may be confused
or
tricked by it's activities.
The malware seeks to trick visitors to Wikipedia by looking like a legitimate Wikipedia banner asking for donations. Once the user clicks on the banner, they are then taken to a portal that leads them to transfer money to a fraudulent bitcoin account that is not controlled by the Foundation.
The current version of this malware is only infecting Microsoft Windows users at the time of this notification. To date, the number of people affected is small. The fraudulent accounts have taken approximately $700 from infected users. However, we strongly encourage all users to use and update their antivirus software.
Additional details and a screenshot of the fake donation banner on can be found at Bleepingcomputer.com. [0]
[0]
https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to...
Thanks,
John Bennett _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l New messages to: Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe
Should we include this in tech news, perhaps? I think this is vital information that should be sent in that newsletter.
-- Devin “Zppix” CCENT Volunteer Wikimedia Developer Africa Wikimedia Developers Member and Mentor Volunteer Mozilla Support Team Member (SUMO) Quora.com Partner Program Member enwp.org/User:Zppix **Note: I do not work for Wikimedia Foundation, or any of its chapters. I also do not work for Mozilla, or any of its projects. **
On Jan 24, 2019, at 8:02 AM, John Bennett jbennett@wikimedia.org wrote:
Hello,
In order to keep the community informed of threats against Wikimedia projects and users, the Wikimedia Security team has some information to share.
Malware installed via pirated contented downloaded from sites such as the Pirate Bay can cause web browsers compromised by the malware to create a fake donation banner for Wikipedia users. While the actual malware is not installed or distributed via Wikipedia, unaware visitors may be confused or tricked by it's activities.
The malware seeks to trick visitors to Wikipedia by looking like a legitimate Wikipedia banner asking for donations. Once the user clicks on the banner, they are then taken to a portal that leads them to transfer money to a fraudulent bitcoin account that is not controlled by the Foundation.
The current version of this malware is only infecting Microsoft Windows users at the time of this notification. To date, the number of people affected is small. The fraudulent accounts have taken approximately $700 from infected users. However, we strongly encourage all users to use and update their antivirus software.
Additional details and a screenshot of the fake donation banner on can be found at Bleepingcomputer.com. [0]
[0] https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to...
Thanks, John Bennett
Wikitech-ambassadors mailing list Wikitech-ambassadors@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-ambassadors
wikitech-ambassadors@lists.wikimedia.org