Wikipedia Exploited To Spread Malicious Code

**Anilrgowda** · 06-Dec-2006, 01:22 AM

Wikipedia used to spread malicious code
By Tom Espiner
November 6, 2006, 6:34 AM PT

A Wikipedia page has been used by hackers in an attempt to spread malicious code. The entry for the MSBlast worm in the German version of the popular online encyclopedia was altered to include false information about a new version of the Lovesan/MSBlast worm, with links to a supposed fix, according to Sophos.

The fix was actually a piece of malicious code, the antivirus vendor said in a notice published Friday. It's not clear how long the vandalized page was live, but the editors of Wikipedia.de moved quickly to delete the links once they were discovered. However, because Wikipedia archives old versions of articles, the hackers were still able to send links to the archived entry through a mass-mailed e-mail.

This e-mail purported to be from Wikipedia, and directed German users to the fraudulent Lovesan/MSBlast entry. Because the e-mails linked to a legitimate Web site, they were able to bypass some antispam solutions, Sophos reported on Friday. "The good news is that the authorities at Wikipedia quickly identified and edited the article on their site," Graham Cluley, senior technology consultant at Sophos, said in a statement.

"Unfortunately, however, a version of the page remained in the archive, allowing the hackers to send out spam and continue to direct visitors to the malicious code." Wikipedia confirmed that it has now permanently erased all versions of the page, according to German news site Heise Online.

06-Dec-2006, 01:22 AM	#1 (permalink)
Anilrgowda Administrator Posts: 18,715 Join Date: Jan 2006 Rep Power: 10 IM:	Wikipedia Exploited To Spread Malicious Code Wikipedia used to spread malicious code By Tom Espiner November 6, 2006, 6:34 AM PT A Wikipedia page has been used by hackers in an attempt to spread malicious code. The entry for the MSBlast worm in the German version of the popular online encyclopedia was altered to include false information about a new version of the Lovesan/MSBlast worm, with links to a supposed fix, according to Sophos. The fix was actually a piece of malicious code, the antivirus vendor said in a notice published Friday. It's not clear how long the vandalized page was live, but the editors of Wikipedia.de moved quickly to delete the links once they were discovered. However, because Wikipedia archives old versions of articles, the hackers were still able to send links to the archived entry through a mass-mailed e-mail. This e-mail purported to be from Wikipedia, and directed German users to the fraudulent Lovesan/MSBlast entry. Because the e-mails linked to a legitimate Web site, they were able to bypass some antispam solutions, Sophos reported on Friday. "The good news is that the authorities at Wikipedia quickly identified and edited the article on their site," Graham Cluley, senior technology consultant at Sophos, said in a statement. "Unfortunately, however, a version of the page remained in the archive, allowing the hackers to send out spam and continue to direct visitors to the malicious code." Wikipedia confirmed that it has now permanently erased all versions of the page, according to German news site Heise Online.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Sony Mocks Halo 3 on Wikipedia	Anilrgowda	pc games news	0	05-Sep-2007 01:19 AM
Vulnerability potentially allows hackers to run malicious code on a victimized PC	ps3cheats	Microsoft windows vista error	0	26-Mar-2007 01:14 AM
Windows Malicious Software Removal Tool	Anilrgowda	Microsoft windows vista error	0	21-Jan-2007 10:12 AM
The Wikipedia Factor	Anilrgowda	Search Engine Optimization	0	08-Jan-2007 10:10 PM
Malicious Code Injection: It's Not Just for SQL Anymore	Anilrgowda	Programming tutorials	0	03-Jan-2007 10:24 PM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)