Wikipedia Blaster 'fix' points to malware
PrintAchtung!
Posted in Software & Security, 3rd November 2006 18:47 GMT
Free whitepaper – What Exchange can't do - and Dell can
Hackers have hijacked links on a Wikipedia article to trick users into downloading malware.
A piece on the German edition of Wikipedia was re-written to contain false information about a supposedly new version of the infamous Blaster worm, along with a link to a supposed 'fix'. In reality, the link pointed to malware designed to infect Windows PCs.
Hackers then spamvertised a bogus warning about the new Blaster variant to German users alongside links to the fraudulent Wikipedia entry, in a bid to lend credibility to the bogus warning. The article was quickly edited to remove the bogus information and the attack is not thought to have claimed many victims, reports UK anti-virus firm Sophos.
Nonetheless the assault serves to illustrate how Wikipedia's policy of openness, featuring few controls on who can create or modify articles, lends itself to abuse by malware authors as well as other kinds of mischief-making we've seen in the past. The incident also illustrates the constantly evolving nature of social engineering attacks employed by hackers, VXers and other riff-raff. ®
Free whitepaper – Managing desktop software for fun and profit
The Register Agile Data Center Summit
What Exchange can't do - and Dell can
New storage architectures make SSDs more cost-effective
Dell PowerEdge R710 solution with VMware ESX vs. Dell PowerEdge 2850 solution
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs