This was actually happened with me.[1] [1] https://phabricator.wikimedia.org/T188217
On Fri, Jan 25, 2019, 4:29 AM Adam Wight <[email protected] wrote: > Horrifying! > > Is there anything we can do from our side, e.g. include some Javascript > which can detect and disable the malware banner? > > [[mw:Adamw]] > > On Thu, Jan 24, 2019 at 10:11 AM Paulo Santos Perneta < > [email protected]> wrote: > > > Hi, > > > > I seem to recall some OTRS tickets recently sent warning about it. Should > > they be forward to any address in particular, in case they keep coming > in? > > > > Paulo > > > > John Bennett <[email protected]> escreveu no dia quinta, 24/01/2019 > > à(s) 14:02: > > > > > Hello, > > > > > > In order to keep the community informed of threats against Wikimedia > > > projects and users, the Wikimedia Security team has some information to > > > share. > > > > > > Malware installed via pirated contented downloaded from sites such as > the > > > Pirate Bay can cause web browsers compromised by the malware to create > a > > > fake donation banner for Wikipedia users. While the actual malware is > not > > > installed or distributed via Wikipedia, unaware visitors may be > confused > > or > > > tricked by it's activities. > > > > > > The malware seeks to trick visitors to Wikipedia by looking like a > > > legitimate Wikipedia banner asking for donations. Once the user clicks > on > > > the banner, they are then taken to a portal that leads them to transfer > > > money to a fraudulent bitcoin account that is not controlled by the > > > Foundation. > > > > > > The current version of this malware is only infecting Microsoft Windows > > > users at the time of this notification. To date, the number of people > > > affected is small. The fraudulent accounts have taken approximately > $700 > > > from infected users. However, we strongly encourage all users to use > and > > > update their antivirus software. > > > > > > > > > Additional details and a screenshot of the fake donation banner on can > be > > > found at Bleepingcomputer.com. [0] > > > > > > [0] > > > > > > > > > https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to-steal-cryptocurrency-poison-google-results/ > > > > > > Thanks, > > > > > > John Bennett > > > _______________________________________________ > > > Wikimedia-l mailing list, guidelines at: > > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and > > > https://meta.wikimedia.org/wiki/Wikimedia-l > > > New messages to: [email protected] > > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > > <mailto:[email protected]?subject=unsubscribe> > > _______________________________________________ > > Wikimedia-l mailing list, guidelines at: > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and > > https://meta.wikimedia.org/wiki/Wikimedia-l > > New messages to: [email protected] > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > <mailto:[email protected]?subject=unsubscribe> > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
