Wikipedia gets malware
November 6, 2006 | 16:32
Wikipedia's wonderful ability to allow nearly anyone to edit a page has finally shown its dark side. Users of the German site had the opportunity to see a new first over the weekend, as the online encyclopedia was turned into a malware distributor.
Apparently, some virus makers decided to write a page that promoted a 'fix' to a Windows vulnerability. The actual vulnerability had been exploited by the Blaster worm back in 2003, and Microsoft has had it patched for nearly as long. The page was modified to reflect a "new" version of the worm, and included a download for the proposed patch. Users who clicked on the patch and ran it instead introduced their computers to malware.
On top of the modified page, the hackers also sent out an e-mail impersonating Wikipedia. Since Wiki is not exactly a giant spam target, these e-mails were largely unfiltered. Fortunately, it's not expected that many people fell for the deception.
The affected page has since been removed, but it brings the idea of security back into the forefront of public attention. Of course most of us realize that Wikipedia is contributed to by people like you and me, and so many of us are careful about what we choose to believe (much less click on). However, this is one of the first times that John Q. Public has really had to deal with the darker side of Web 2.0.
Have you got a thought on the wiki-bomb? How about the safety of user-created content to begin with? Let us know your thoughts in our forums.
Apparently, some virus makers decided to write a page that promoted a 'fix' to a Windows vulnerability. The actual vulnerability had been exploited by the Blaster worm back in 2003, and Microsoft has had it patched for nearly as long. The page was modified to reflect a "new" version of the worm, and included a download for the proposed patch. Users who clicked on the patch and ran it instead introduced their computers to malware.
On top of the modified page, the hackers also sent out an e-mail impersonating Wikipedia. Since Wiki is not exactly a giant spam target, these e-mails were largely unfiltered. Fortunately, it's not expected that many people fell for the deception.
The affected page has since been removed, but it brings the idea of security back into the forefront of public attention. Of course most of us realize that Wikipedia is contributed to by people like you and me, and so many of us are careful about what we choose to believe (much less click on). However, this is one of the first times that John Q. Public has really had to deal with the darker side of Web 2.0.
Have you got a thought on the wiki-bomb? How about the safety of user-created content to begin with? Let us know your thoughts in our forums.
RELATED ARTICLES
MSI MPG Velox 100R Chassis Review
October 14 2021 | 15:04
Want to comment? Please log in.