Hackers have hijacked links on a Wikipedia article to trick users into downloading malware.

A piece on the German edition of Wikipedia was re-written to contain false information about a supposedly new version of the infamous Blaster worm, along with a link to a supposed 'fix'. In reality, the link pointed to malware designed to infect Windows PCs.

Hackers then spamvertised a bogus warning about the new Blaster variant to German users alongside links to the fraudulent Wikipedia entry, in a bid to lend credibility to the bogus warning. The article was quickly edited to remove the bogus information and the attack is not thought to have claimed many victims, reports UK anti-virus firm Sophos.

Nonetheless the assault serves to illustrate how Wikipedia's policy of openness, featuring few controls on who can create or modify articles, lends itself to abuse by malware authors as well as other kinds of mischief-making we've seen in the past. The incident also illustrates the constantly evolving nature of social engineering attacks employed by hackers, VXers and other riff-raff. ®

Related stories

Wikipedia Chicken attacked (9 November 2006)
Dismissal scam spam targets medical centre (3 November 2006)
MySpace phishing scam targets music fans (14 October 2006)
Worm automates Google AdSense fraud (6 October 2006)
School sues over Wikipedia posts (26 July 2006)
Avoid Wikipedia, warns Wikipedia chief (15 June 2006)
All my personal details for chocolate? Go on then (18 April 2006)
Nature mag cooked Wikipedia study (23 March 2006)
Wikipedia editing hobby goes nationwide (19 January 2006)
There's no Wikipedia entry for 'moral responsibility' (12 December 2005)
Why Wikipedia isn't like Linux (27 October 2005)
Wikipedia: magic, monkeys and typewriters (24 October 2005)
Wikipedia founder admits to serious quality problems (18 October 2005)