
Wiki-Slack attack: how business professionals are redirected to malicious websites

The risks of link manipulation: the new method of hijacking corporate communications

Security experts at eSentire have discovered a new attack called “Wiki-Slack,” which uses edits to Wikipedia pages to redirect Slack users to malicious websites containing malware. It is necessary to raise awareness among companies about this type of attack and integrate cyber resilience into business processes.


Security experts at eSentire have revealed a new method through which attackers can divert business professionals to malicious websites. Known as the Wiki-Slack attack, this technique relies on modified Wikipedia pages and exploits a formatting error that occurs when the page is viewed in Slack.

Attack mode

To carry out the attack, threat actors select a Wikipedia article that may be of interest to the target, modify it by adding a legitimate footnote at the end of the first paragraph, and then share the article on Slack. The note itself is not harmful, but viewing the shared page in Slack triggers a formatting error that displays a link that is not present on Wikipedia.

How the attack works

Once a business professional copies and pastes that Wikipedia entry into a Slack channel, the malicious link appears. If the grammar around the link is sufficiently well crafted, Slack users are tricked into clicking it, leading them to an attacker-controlled website where browser-based malware is hiding. This attack requires that the reference at the end of the first paragraph of the Wikipedia article be carefully placed and that the first word of the second paragraph be a top-level domain (TLD). Additionally, the two conditions must appear in the first 100 characters of the article.
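The three conditions listed above can be turned into a triage check for Wikipedia articles shared in a workspace. This is an added example, not code from eSentire or Slack; the TLD sample, the bracketed `[1]` footnote format and the way the 100 characters are counted are assumptions.

```python
import re
from typing import NamedTuple

# Constructed sample: real country-code TLDs that are also common English words.
# A production check would load the full IANA TLD list instead.
SAMPLE_TLDS = {"in", "at", "it", "is", "to", "so", "me", "us", "be", "no", "as", "do", "my"}

# Assumption: footnotes appear in the plain text as bracketed numbers, e.g. "[1]".
FOOTNOTE_AT_END = re.compile(r"(\[\d+\])+\s*$")
FIRST_WORD = re.compile(r"[A-Za-z]+")


class Finding(NamedTuple):
    footnote_at_end: bool  # a reference closes the first paragraph
    tld_first_word: bool   # the second paragraph opens with a TLD
    within_window: bool    # both fall inside the first `window` characters

    @property
    def flagged(self) -> bool:
        # All three conditions from the article must hold together.
        return all(self)


def check_opening(paragraphs, window=100):
    """Evaluate the article's three conditions on a page's opening paragraphs."""
    if len(paragraphs) < 2:
        return Finding(False, False, False)
    first = paragraphs[0].rstrip()
    footnote = FOOTNOTE_AT_END.search(first)
    # Visible text of paragraph one, with the footnote marker removed.
    body = first[:footnote.start()].rstrip() if footnote else first
    word = FIRST_WORD.match(paragraphs[1].lstrip())
    first_word = word.group(0).lower() if word else ""
    # Assumption: the window is counted over visible text, marker excluded.
    end_of_word = len(body) + len(first_word)
    return Finding(bool(footnote), first_word in SAMPLE_TLDS, end_of_word <= window)


if __name__ == "__main__":
    # Constructed sample text, not taken from any real Wikipedia article.
    sample = ["Example Corp is a fictional widget maker.[1]",
              "In 2020 it opened a second plant."]
    print(check_opening(sample), check_opening(sample).flagged)
```

A flagged result only means the opening matches the pattern described here; the footnote and the link shown in Slack still need to be reviewed by hand.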

Prevention and advice

To prevent such attacks, it is advisable to raise awareness among organizations about browser-based attacks that can lead to malware infection. Furthermore, it is recommended to use endpoint monitoring and integrate cyber resilience into business processes. eSentire says it reported the identified issues to Slack.


10/30/2023 14:08

Marco Verro
