Wikipedia crack spreads malware

Sophos warns that information on Lovesan, or the MSBlast worm, was found on the German version of Wikipedia, linking to an alleged fix. This fix advised by Wikipedia, however, was nothing but malware.

Response was prompt from Wikipedia.de admins, clearing the links and removing the false information.

Crackers still responded, spamming with links to the archived Wikipedia material they altered, with false headers, in order to benefit from Wikipedia`s good name.

Anti-virus vendors completely missed that the largest worm attack in months had a secondary payload, which has sent millions of pharmaceutical spam messages, a security intelligence company has revealed.

The Stration worm, aka Warezov, has been topic number one for anti-virus firms for almost three months, but until recently they hadn`t figured out that the malware kicks into second gear about six hours after it`s installed. Then, said VeriSign iDefense, it begins sending massive amounts of spam touting Viagra, Xanax, and Propecia prescription medicines.

"Lots of AV vendors have been saying that Stration doesn`t have a payload," said Mike La Pilla, an iDefense analyst. "But it does. It just takes six hours. Then it contacts a different domain, downloads a spamming trojan, and starts sending mail." advertisement

Security company Prevx has released details of a bizarre mini-war that has developed between itself and the creators of the notorious Gromozon malware Web site, reports ComputerWorld.

Prevx was among the first to release an update for its Prevx1 anti-malware tool to block malware emanating from a web of Trojan-infected Web sites which turned out to have gromozon.com at its heart.

The purpose of Gromozon appears to have been to infect users of Italian blogs and message boards with software for the purpose of generating fraudulent traffic to Web sites and, where appropriate, installing a premium-rate dialler. Displaying a range of complex behaviour, an ability to evolve rapidly, and the willingness to defend itself from counter-measures, Gromozon is considered among the most complex malware systems yet to emerge.