Wikipedia spam points to malware

Emails used archive function to lend authenticity.

Popular online encyclopaedia Wikipedia has been used as a vector for malware, with a spam campaign using the site's reputation and a fake security threat to lure in readers. Those who followed the chain of links found an as-yet-unidentified piece of malware at the end.

Advertise on www.virusbtn.com

The malware was carried on a webpage hosted under the 'wikipedia-download.org' domain, unassociated with the genuine Wikipedia. A page created on the freely-editable information resource posed as a security alert and pointed to this download site, and although the page itself was quickly removed by Wikipedia's army of editors, an archived version of the page remained on their servers. It was to this page that links in the spammed mails drew readers.

The spams also spoofed Wikipedia logos, and claimed to be a warning about a new variant of W32/Blaster; they also claimed that Wikipedia had been to called in by an overwhelmed Microsoft to help spread vital updates. The archived copies of the page have now been removed from Wikipedia archives, and the download site has been deactivated.

More details are available at heise Security, who promise further details of the malware involved are on the way.

03 November 2006

Tags: spam  

 del.icio.us  digg this! digg this

Quick Links

Poll
Does your company allow you to use a personal laptop/mobile device to access company resources?
Yes, it's allowed
Yes, it's actively encouraged
No
I don't know
Leave a comment
View 1 comment

Jobs Career Sidebar

Malware Prevalence
Autorun |#######|
Encrypted/Obfuscated |#####|
Heuristic/generic |#####|
Sality |####|
Zbot |####|
 View this month's full report

Virus Bulletin currently has 225,202 registered users.