The Wikipedia Review: A forum for discussion and criticism of Wikipedia
Wikipedia Review Op-Ed Pages

Welcome, Guest! ( Log In | Register )

5 Pages V « < 3 4 5  
Reply to this topicStart new topic
> Virus authors use Wikipedia to spread malware, "We got the idea from article authors," say hackers
Yahoo! News
post Fri 10th November 2006, 12:45pm
Post #81


RSS Feed
*********

Group: Bots
Posts: 5,317
Joined: Thu 18th May 2006, 11:54am
Member No.: 193



Anthony Dhanendran, Computeract!ve , Friday 10 November 2006 at 00:00:00 German version of encyclopedia used too spread virus code The open encyclopedia Wikipedia has been accused of having poor editorial standards in the past, but it now stands accused of distributing a virus to its users.... > Read the full article

Article: http://us.rd.yahoo.com/dailynews/rss/searc...dia-hosts-virus
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Yahoo! News
post Fri 10th November 2006, 1:23pm
Post #82


RSS Feed
*********

Group: Bots
Posts: 5,317
Joined: Thu 18th May 2006, 11:54am
Member No.: 193



The German version of the website carried a link to what it claimed was a fix for a new version of the Blaster virus. When users clicked on the link and installed the associated program, it actually infected their computers with the virus.

Article: http://us.rd.yahoo.com/dailynews/rss/searc...dia-hosts-virus
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Yahoo! News
post Fri 10th November 2006, 7:48pm
Post #83


RSS Feed
*********

Group: Bots
Posts: 5,317
Joined: Thu 18th May 2006, 11:54am
Member No.: 193



Malware writers have used a Wikipedia article to lead users to a booby-trapped page that contained malicious code designed to plant viruses on the computers of unsuspecting users. The hackers created a Wikipedia page that offered a Windows security update for a version of the Lovesan/W32.Blaster worm, and included a link to an external site that was labeled with the name

Article: http://us.rd.yahoo.com/dailynews/rss/searc...?story_id=47646
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Joel Leyden
post Sun 19th November 2006, 8:01pm
Post #84


Member
***

Group: Contributors
Posts: 114
Joined: Tue 9th May 2006, 9:46pm
Member No.: 172

WP user page - talk
check - contribs



QUOTE(Somey @ Thu 2nd November 2006, 3:26pm) *

See that? This is what I'm talkin' about! Thoroughly researched, explained in proper detail, and above all, plausible. (Apparently this actually happened, of course.) None of this embedded-into-images stuff...!

Of course, practically any respectable social networking site could conceivably be a target for this kind of malware trickery, but Wikipedia is particularly tempting for virus authors because of its popularity, and of course the nature of the system - especially the fact that prior article revisions can be linked to in a simple URL.

Anyway, I hope nobody got infected... They'll use this as further proof that the posting-approval system should be implemented, but IMO that isn't necessarily a bad thing. In fact, I'd be fully in favor of it, if it weren't for a small minority of admins that appear to be completely untrustworthy!


"None of this embedded-into-images stuff...!"
Well, I hate to say it, but I TOLD YOU SO months ago!
Wikipedia is a cesspool which has harmed so many good, innocent people.
Whether it is through images or other means, there are enough people out there with a strong and powerful vengeance to bring Wikipedia down. Just a matter of time,,,,tick, tick, tick ;>
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Somey
post Tue 21st November 2006, 5:21am
Post #85


Can't actually moderate (or even post)
*********

Group: Moderators
Posts: 11,815
Joined: Sat 17th Jun 2006, 7:47pm
From: Dreamland
Member No.: 275



QUOTE(Joel Leyden @ Sun 19th November 2006, 2:01pm) *
"None of this embedded-into-images stuff...!"
Well, I hate to say it, but I TOLD YOU SO months ago!
Wikipedia is a cesspool which has harmed so many good, innocent people.
Whether it is through images or other means, there are enough people out there with a strong and powerful vengeance to bring Wikipedia down. Just a matter of time,,,,tick, tick, tick ;>

Well, yeah. "None of this embedded-into-images stuff" is indeed what I wrote back then, and it continues to hold true now... But okay, Joel, fine by me - if it helps any, you were right and I was wrong!

Still, I want to make sure everyone is aware of the difference between the two modes of attack. Think about it - virus-laden images could be posted to (or linked/displayed by) almost any publicly-editable website in the world, including this one. It's a particularly nasty exploit, because you could post an image tag for an offsite file that's perfectly harmless, and have it stay that way for weeks, until one day you replace the offsite image itself with a virus-laden one. Nobody notices because everybody's moved on, but there's always going to be someone who happens on it unexpectedly someday and possibly gets infected by it. Criticizing Wikipedia for that isn't especially fair - they do more to prevent people from displaying offsite images than most sites. Indeed, the vast majority. And remember, many of our members are Wikipedia users in good standing, and I know none of them would ever condone such a thing. (Hopefully!)

However, what was done on the German Wikipedia was very specific to the Wikipedia business model - it used the very respectability of Wikipedia against it, and since there were enough suckers out there who were gulled into thinking it was an authoritative source for, well, everything, they managed to infect quite a few machines because of it. So it wasn't only a more clever exploit, it was a more specifically-directed one as well... One might even say "well-directed," but I personally have no desire to encourage malware authors any more than they're being encouraged already by all this press coverage.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post

5 Pages V « < 3 4 5
Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

-   Lo-Fi Version Time is now: 27th 3 17, 6:22pm