Kiran_tech_mania
04-11-2006, 09:30 AM
Source: vnunet.com (http://www.vnunet.com/vnunet/news/2167949/hackers-wikipedia-dupe-users)
Hackers are using online encyclopaedia Wikipedia to spread malware, according to a security firm.
Sophos discovered that hackers had created an article on the German edition of Wikipedia containing false information about a new version of the Blaster worm, along with a link to a fix.
However, the fix is actually a piece of malicious code designed to infect visitors' PCs.
Wikipedia is built from user contributions, allowing anyone to create or edit the content of a page.
The hackers sent spam messages to German computer users, which purported to come from Wikipedia, and directed recipients to the fraudulent information.
As the emails linked to a legitimate website, they were able to bypass some anti-spam solutions.
"The good news is that the authorities at Wikipedia quickly identified and edited the article on their site," said Graham Cluley, senior technology consultant for Sophos.
"Unfortunately, a version of the page remained in the archive, allowing the hackers to send spam and continue to direct visitors to the malicious code."
Wikipedia has now confirmed that it has permanently erased all versions of the page.
"The very openness of websites like Wikipedia, which allow anyone to edit pages, makes them terrific, but can also make them less trustworthy, " Cluley added.
"In this case, the article in question was not just misleading, it was downright malicious.
"Everyone should exercise caution and ensure they have appropriate defences in place to protect their computer systems.
"Additionally, people should remember that if there really is a new threat on the internet, you're likely to hear about it first from the security companies, not an online encyclopaedia."
So friends, make sure you have a good 'On-access' Anti-spyware in your system before browsing such sites. Wikipedia is a good site. It's a pitty that Hackers have not even spared this one. I never understand the intention of these Hackers. They tamper such informative sites which are are so loyal that even a visitor can edit the contents. Due to this new threat on Wikipedia, we could soon see that a visitor cannot simply edit the content without autentication.
Hackers are using online encyclopaedia Wikipedia to spread malware, according to a security firm.
Sophos discovered that hackers had created an article on the German edition of Wikipedia containing false information about a new version of the Blaster worm, along with a link to a fix.
However, the fix is actually a piece of malicious code designed to infect visitors' PCs.
Wikipedia is built from user contributions, allowing anyone to create or edit the content of a page.
The hackers sent spam messages to German computer users, which purported to come from Wikipedia, and directed recipients to the fraudulent information.
As the emails linked to a legitimate website, they were able to bypass some anti-spam solutions.
"The good news is that the authorities at Wikipedia quickly identified and edited the article on their site," said Graham Cluley, senior technology consultant for Sophos.
"Unfortunately, a version of the page remained in the archive, allowing the hackers to send spam and continue to direct visitors to the malicious code."
Wikipedia has now confirmed that it has permanently erased all versions of the page.
"The very openness of websites like Wikipedia, which allow anyone to edit pages, makes them terrific, but can also make them less trustworthy, " Cluley added.
"In this case, the article in question was not just misleading, it was downright malicious.
"Everyone should exercise caution and ensure they have appropriate defences in place to protect their computer systems.
"Additionally, people should remember that if there really is a new threat on the internet, you're likely to hear about it first from the security companies, not an online encyclopaedia."
So friends, make sure you have a good 'On-access' Anti-spyware in your system before browsing such sites. Wikipedia is a good site. It's a pitty that Hackers have not even spared this one. I never understand the intention of these Hackers. They tamper such informative sites which are are so loyal that even a visitor can edit the contents. Due to this new threat on Wikipedia, we could soon see that a visitor cannot simply edit the content without autentication.