Wikipedia Blaster ‘Fix’ Points to Malware

fergie (paul ferguson) just sent this to the funsec list and posted on his blog. the register reports of increasing how wikipedia links were changed to pioint to malware. wikipedia abuse has been a concern for a long time, and just recently we discussed it on this blog.

date: fri, 3 nov 2006 19:10:19 gmt
from: fergie
subject: [funsec] wikipedia blaster ‘fix’ points to malware

via the register.


hackers have hijacked links on a wikipedia article to trick users into
downloading malware.

a piece on the german edition of wikipedia was re-written to contain
false information about a supposedly new version of the infamous
blaster worm, along with a link to a supposed ‘fix’. in reality, the
link pointed to malware designed to infect windows pcs.

hackers then spamvertised a bogus warning about the new blaster variant
to german users alongside links to the fraudulent wikipedia entry, in a
bid to lend credibility to the bogus warning. the article was quickly
edited to remove the bogus information and the attack is not thought to
have claimed many victims, reports uk anti-virus firm sophos.



- ferg

“fergie”, a.k.a. paul ferguson
engineering architecture for the internet
ferg’s tech blog:

fun and misc security discussion for ot posts.

note: funsec is a public and open mailing list.

gadi evron,