Hackers have figured out how to use Wikipedia to their advantage.
Wikipedia's wonderful ability to allow nearly anyone to edit a page has finally shown its dark side. Users of the German site saw a first over the weekend, as the online encyclopedia was turned into a malware distributor.
Apparently, some virus makers decided to write a page that promoted a 'fix' to a Windows vulnerability. The actual vulnerability had been exploited by the Blaster worm back in 2003, and Microsoft has had it patched for nearly as long. The page was modified to reflect a "new" version of the worm, and included a download for the proposed patch. Users who clicked on the patch and ran it instead introduced their computers to malware.
On top of the modified page, the hackers also sent out an e-mail impersonating Wikipedia. Since Wiki is not exactly a giant spam target, these e-mails were largely unfiltered. Fortunately, it's not expected that many people fell for the deception.
The affected page has since been removed, but it brings the idea of security back to the forefront of public attention. Of course, most of us realize that Wikipedia is contributed to by people like you and me, and so many of us are careful about what we choose to believe (much less click on). However, this is one of the first times that John Q. Public has really had to deal with the darker side of Web 2.0.
Have you got a thought on the wiki-bomb? How about the safety of user-created content to begin with? Let us know your thoughts in our forums.
Sam
Kill them all, chop their * heads off!
Who is being stupid and spiteful?
This will make people a little more vigilant.
-ed out
I don't think everyone understood what happened. Nobody pointed anybody to a malicious site out of spite or for fun. A spammer pointed victims to a malicious site via Wikipedia in order to gain their trust. It's not an attack on Wikipedia! It's simply yet another way to fool people and gain access to their system.
I don't think anyone is thinking of tightening the security of Wikipedia. This scam only needed to make one edit on a single page. Increasing security wouldn't make any difference unless you stopped all edits altogether.