Virus Spoof Slams Wikipedia.org

It has been a controversial week for the free web encyclopedia known as Wikipedia. First, it was hit with a plagiarism scandal. Now, the website is under fire again because shady hackers have used it to distribute a virus.

A page was created on the German version of Wikipedia warning users about a new variant of the Blaster worm. The article included a link to download a virus remover. Unfortunately for unsuspecting users, what they ended up downloading was the virus itself. (Source: Internetnews.com)

Anti-virus company Sophos posted this on its website:

"Wikipedia allows anyone to create and modify articles, a policy of openness which has often been abused by mischief-makers in the past. Taking advantage of this fact, an article on the German edition of Wikipedia, de.wikipedia.org, was created by hackers claiming to include a link to a fix for a supposedly new version of the Blaster worm. However, the 'fix' was actually a piece of malicious code known as Troj/Nordex-A, designed to infect visitors' PCs.

Hackers then spammed out an email to German computer users, claiming to come from Wikipedia, and directing them to information about the 'new worm'. Sophos's global network of spamtraps intercepted the spam messages, and customers were protected from receiving the emails by Sophos's anti-spam solutions." (Source: sophos.com)

It seems that "The Free Encyclopedia" -- or "Die freie Enzyklopädie" in this case -- has gotten itself into quite a pickle.

Even though the fraudulent section was quickly yanked by Wikipedia officials, history could easily repeat itself if proper security precautions aren't soon put into place. Web-based email services such as Yahoo Mail, Hotmail, and Gmail scan documents for viruses as they're being upload by senders or downloaded by recipients. Wikipedia and other user-controlled websites -- like MySpace.com -- need to implement a similar system. (Source: Internetnews.com)

"The very openness of websites like Wikipedia -- which allow anyone to edit pages -- makes them terrific, but can also make them less trustworthy," warned Dan Cluley, Sophos's senior technology consultant.

"In this case, it wasn't just that the information posted in Wikipedia's articles was misleading, it was downright malicious. Everyone should exercise caution and ensure they have appropriate defenses in place to protect their computer systems. Additionally, people should remember that if there really is a new threat on the Internet, you're likely to hear about it first from the security companies, not an online encyclopedia." (Source: sophos.com)