[WikiEN-l] Claims that Wikipedia was used to distribute malware

Keith Old keithold at gmail.com
Fri Nov 3 18:28:48 UTC 2006


G'day folks,

Vnunet reports that security company Sophos claims that De was used to
distribute malware.

http://www.vnunet.com/vnunet/news/2167949/hackers-wikipedia-dupe-users

Hackers are using online encyclopaedia Wikipedia
<http://www.wikipedia.com/>to spread malware, according to a security
firm.

Sophos <http://www.sophos.com/> discovered that hackers had created an
article on the German edition of Wikipedia containing false information
about a new version of the Blaster worm, along with a link to a fix.

However, the fix is actually a piece of malicious code designed to infect
visitors' PCs.

Wikipedia is built from user contributions, allowing anyone to create or
edit the content of a page.

The hackers sent spam messages to German computer users, which purported to
come from Wikipedia, and directed recipients to the fraudulent information.

As the emails linked to a legitimate website, they were able to bypass some
anti-spam solutions.

"The good news is that the authorities at Wikipedia quickly identified and
edited the article on their site," said Graham Cluley, senior technology
consultant for Sophos.

"Unfortunately, a version of the page remained in the archive, allowing the
hackers to send spam and continue to direct visitors to the malicious code."


Wikipedia has now confirmed that it has permanently erased all versions of
the page.

"The very openness of websites like Wikipedia, which allow anyone to edit
pages, makes them terrific, but can also make them less trustworthy, "
Cluley added.

"In this case, the article in question was not just misleading, it was
downright malicious.

"Everyone should exercise caution and ensure they have appropriate defences
in place to protect their computer systems.

"Additionally, people should remember that if there really is a new threat
on the internet, you're likely to hear about it first from the security
companies, not an online encyclopaedia."
What do we have in place to minimise the impact of something similar in the
future.

Regards


Keith Old



More information about the WikiEN-l mailing list