Wikipedia: Hackers' Latest Muse

Techtree News Staff, Nov 07, 2006 1520 hrs IST

A page of the German version of Wikipedia, dedicated to the MSBlast worm, was altered by malicious hackers to include information about a new version...

E-Mail Print

Reports highlight a recent instance of virus writers targeting the online encyclopedia, Wikipedia.

A page of the German version of Wikipedia, dedicated to the MSBlast worm, was altered by malicious hackers to include information about a new version of the worm. The false entry was complete with links to a supposed patch, which once downloaded and installed, would protect against the latest version of the worm.

However, those unassuming users who were lured into installing the fix, ended-up infecting their PCs with an altogether new Windows virus instead of curing the supposed bug.

And that's not all... the virus creators not only altered the Wikipedia page, but also went a step ahead in sending out spam email in German, carrying a message made to look like it had come from Wikipedia. Predictably, the message was meant to fox unsuspecting users, and direct them to the vandalized Wikipedia page, and eventually to the fake patch.

Security major, Sophos, was the first to draw attention to this malicious set-up.

Although it's not known how long the booby-trapped page remained live on Wikipedia, the good part is that Wikipedia authorities were quick to move to edit the article on their site as soon as Sophos confirmed the problem.

As of now, Wikipedia has confirmed to removing permanently all versions of the vandalized page.

Meanwhile, this is not the first time that the openness of Web sites like Wikipedia has proved to be more of a liability than a plus point.
For instance, the spam sent out by the hackers managed to get past all email filters - only by riding on Wikipedia's good name.

USER COMMENTS

Damn! What beautiful innovation! u must appreciate their intelligent minds... really... too good..

by digigeek2004, mumbai, on Nov 08, 2006 02:24 PM, Report abuse Reply

Just some corrections: * It is not proven (even if highly likely) that the binary files contain malware. At least it doesn't contain any malware known to recent antivirus scanners. At the moment the files are examined by people like sophos and kaspersky. * Sophos wasn't the first to draw attention to the problem and we don't react on their notification. We soon discoverd the problem after the hit of many of bounces and several notification by users which received the spam. * The page remained live the first time for 1 minute, the second time for 4 minutes. Problem was that it remained in the history section and the spam directly linked to an old version of the article. Sad but true, it lasted several hours until we completly removed the versions from history permanently. * A filter which let a mail pass only because it uses the word 'wikipedia' is a bad filter for sure. In the last time, a lot of spam incorporated our name.

by Tim 'avatar' Ba, Cologne, Germany, on Nov 08, 2006 03:55 AM, Report abuse Reply

peepee

by peepee, peepee, on Nov 08, 2006 12:03 AM, Report abuse Reply

coooooooooooooool hacker dude.

by ayan, Kolkata, on Nov 07, 2006 07:56 PM, Report abuse Reply

Wikipedia is ultimately a great resource and just as with any information on the web should not be taken as being 100% accurate, but taken as a collective knowledge base that should help you to find the answers you are looking for.

by Andrew, England, on Nov 07, 2006 04:46 PM, Report abuse Reply

Good move!

by VirusGuy, Virus, on Nov 07, 2006 03:24 PM, Report abuse Reply