Wikipedia spreads virus
Hackers have found another channel for the spread of viruses - this is Wikipedia. The scheme of action is extremely simple: in an article devoted to a virus, they post a link to a dummy for "treatment." Many people tend to trust Wikipedia - they become easy victims of intruders.
For the first time such hacker activity was noticed on the German Wikipedia website. On the page describing the Blaster (Lovesan) worm , a link to the patch was posted, which allegedly allowed to get rid of the infection. Under the guise of a patch spread malware .
It is clear that the reason for the vulnerability of Wikipedia for such hacker attacks is the openness of this project. Anyone can edit any article and place any link in it. If the community has learned more or less to cope with ordinary textual vandalism, the new, sophisticated methods of vandalism are still quite easy. For example, recently it became known about the first case of long-term vandalism, when a pseudoscientific article lasted on Wikipedia for about a year . Now here is another type - reference vandalism.
In both of these cases, the fact of vandalism is not obvious at first glance, therefore, identifying and correcting the error may take considerable time.
')
In the case of the Blaster dummy patch, the appearance of a “malicious” link on the page was quickly discovered, so it was removed from the text of the article. However, the link remained in the archive of edits, which is the standard functionality of any wiki engine. Here the attackers used a non-standard method: they sent out spam inviting to visit this archival Wikipedia page (the average user cannot distinguish the archive version from the regular one). The emails looked like they were sent on behalf of Wikipedia, and the link was highlighted in bold ( spam screenshot ). Naturally, spam aroused suspicion and Wikipedia administrators quickly took action and removed the archive page from the site. However, the attackers have achieved their goal: they seem to have managed to infect several people and, thus, proved the viability of the new method.
Thanks to the use of the good name of Wikipedia (the most popular source of information in the world today), the attackers managed to deceive both anti-spam filters and user confidence.
For the first time such hacker activity was noticed on the German Wikipedia website. On the page describing the Blaster (Lovesan) worm , a link to the patch was posted, which allegedly allowed to get rid of the infection. Under the guise of a patch spread malware .
It is clear that the reason for the vulnerability of Wikipedia for such hacker attacks is the openness of this project. Anyone can edit any article and place any link in it. If the community has learned more or less to cope with ordinary textual vandalism, the new, sophisticated methods of vandalism are still quite easy. For example, recently it became known about the first case of long-term vandalism, when a pseudoscientific article lasted on Wikipedia for about a year . Now here is another type - reference vandalism.
In both of these cases, the fact of vandalism is not obvious at first glance, therefore, identifying and correcting the error may take considerable time.
')
In the case of the Blaster dummy patch, the appearance of a “malicious” link on the page was quickly discovered, so it was removed from the text of the article. However, the link remained in the archive of edits, which is the standard functionality of any wiki engine. Here the attackers used a non-standard method: they sent out spam inviting to visit this archival Wikipedia page (the average user cannot distinguish the archive version from the regular one). The emails looked like they were sent on behalf of Wikipedia, and the link was highlighted in bold ( spam screenshot ). Naturally, spam aroused suspicion and Wikipedia administrators quickly took action and removed the archive page from the site. However, the attackers have achieved their goal: they seem to have managed to infect several people and, thus, proved the viability of the new method.
Thanks to the use of the good name of Wikipedia (the most popular source of information in the world today), the attackers managed to deceive both anti-spam filters and user confidence.
Source: https://habr.com/ru/post/4661/
All Articles