Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have reminded
computer users to be wary of unsolicited emails and believing
everything they read on the internet, after hackers took advantage
of the popular Wikipedia encyclopedia in their attempt to spread
malicious code.
Wikipedia allows anyone to create and modify articles, a policy
of openness which has often been abused by mischief-makers in the
past. Taking advantage of this fact, an article on the German
edition of Wikipedia, de.wikipedia.org, was created by hackers
claiming to include a link to a fix for a supposedly new version of
the Blaster worm. However, the "fix" was actually a piece of
malicious code known as Troj/Nordex-A, designed
to infect visitors' PCs.
Hackers then spammed out an email to German computer users,
claiming to come from Wikipedia, and directing them to information
about the "new worm". Sophos's global network of spamtraps
intercepted the spam messages, and customers were protected from
receiving the emails by Sophos's anti-spam solutions.
The spammed email directed recipients to the
Wikipedia article.
"The good news is that the authorities at Wikipedia quickly
identitifed and edited the article on their site," said Graham Cluley, senior
technology consultant for Sophos. "Unfortunately, however, the
previous version of the page was still present in the archive and
was continuing to point to malicious code. The hackers were thus
able to send out spam pointing people to the page on Wikipedia, and
try and lead them into infection."
Wikipedia has now confirmed that it has permanently erased the
archived version of the page.
"The very openness of websites like Wikipedia - which allow
anyone to edit pages - makes them terrific, but can also make them
less trustworthy. In this case, it wasn't just that the information
posted in Wikipedia's articles was misleading, it was downright
malicious," continued Cluley. "Everyone should exercise caution and
ensure they have appropriate defenses in place to protect their
computer systems. Additionally, people should remember that if
there really is a new threat on the internet, you're likely to hear
about it first from the security companies, not an online
encyclopedia."
Sophos recommends companies protect their desktops, servers and
gateways with a consolidated solution to
thwart the threats of viruses, spyware, phishing and spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.