Wikipedia- New Tool For Hackers To Circulate Malware
Attackers entered a Web page into wikipedia's German edition reporting about Blaster virus' new variant. The Web page also gave link to a fake download to eradicate the virus.
Attackers then advertised a fake caution about the new variety of Blaster to German users with the link to bogus wikipedia entry to give authenticity to their claim. The article was taken off the site to clear the fake information. It is believed that the hacking attack has not done much harm.
It seems that attackers have used someone's ability to edit an article from wikipedia, along with its related characters to distribute malware.
Peter Firstbrook, Research director for information security and privacy, Gartner, said, " I have been cautioning about it but I didn't know that it could happen on wikipedia". He added, "we have observed these things happening on MySpace, where the hackers attempted to social engineer the users into installing a backdoor or a bot into their systems. It is not easy to use malware stoppers on these Websites as it is a amalgam of bad and good."
As the e-mails are linked to a legal site, they could escape some anti-spam programs.
Graham Cluely, senio technology consultant, Sophos, said, "the good part is that the Wikipedia authorities recognized and edited the article on Website quickly."
But unluckily, a variant of the page stayed in the archive, permitting the attackers to circulate spam and keep directing the visitors to malign code. Wikipedia has ensured now that it has removed all the variants of the page permanently.
The provision of sites like Wikipedia that allow users to edit any page make them wonderful but it can also reduces the trust factor. In the given case, the concerned article was not only deceptive but was absolutely malicious too.
However, the attack shows how open policy of Wikipedia that features only a few controls on those modifying or creating articles presents itself to abuse by malware writers and other kinds of hackers we have witnessed in past. The event also shows the uniformly developing social engineering tactics employed by attackers.
Related article: Wikipedia Infected with Old ILOVEYOU Virus
» SPAMfighter News - 06-11-2006