This was actually happened with me.[1] [1] https://phabricator.wikimedia.org/T188217
On Fri, Jan 25, 2019, 4:29 AM Adam Wight <awi...@wikimedia.org wrote: > Horrifying! > > Is there anything we can do from our side, e.g. include some Javascript > which can detect and disable the malware banner? > > [[mw:Adamw]] > > On Thu, Jan 24, 2019 at 10:11 AM Paulo Santos Perneta < > paulospern...@gmail.com> wrote: > > > Hi, > > > > I seem to recall some OTRS tickets recently sent warning about it. Should > > they be forward to any address in particular, in case they keep coming > in? > > > > Paulo > > > > John Bennett <jbenn...@wikimedia.org> escreveu no dia quinta, 24/01/2019 > > à(s) 14:02: > > > > > Hello, > > > > > > In order to keep the community informed of threats against Wikimedia > > > projects and users, the Wikimedia Security team has some information to > > > share. > > > > > > Malware installed via pirated contented downloaded from sites such as > the > > > Pirate Bay can cause web browsers compromised by the malware to create > a > > > fake donation banner for Wikipedia users. While the actual malware is > not > > > installed or distributed via Wikipedia, unaware visitors may be > confused > > or > > > tricked by it's activities. > > > > > > The malware seeks to trick visitors to Wikipedia by looking like a > > > legitimate Wikipedia banner asking for donations. Once the user clicks > on > > > the banner, they are then taken to a portal that leads them to transfer > > > money to a fraudulent bitcoin account that is not controlled by the > > > Foundation. > > > > > > The current version of this malware is only infecting Microsoft Windows > > > users at the time of this notification. To date, the number of people > > > affected is small. The fraudulent accounts have taken approximately > $700 > > > from infected users. However, we strongly encourage all users to use > and > > > update their antivirus software. > > > > > > > > > Additional details and a screenshot of the fake donation banner on can > be > > > found at Bleepingcomputer.com. [0] > > > > > > [0] > > > > > > > > > https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to-steal-cryptocurrency-poison-google-results/ > > > > > > Thanks, > > > > > > John Bennett > > > _______________________________________________ > > > Wikimedia-l mailing list, guidelines at: > > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and > > > https://meta.wikimedia.org/wiki/Wikimedia-l > > > New messages to: wikimedi...@lists.wikimedia.org > > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > > <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe> > > _______________________________________________ > > Wikimedia-l mailing list, guidelines at: > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and > > https://meta.wikimedia.org/wiki/Wikimedia-l > > New messages to: wikimedi...@lists.wikimedia.org > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe> > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
