
Wiki-Slack attack: how business professionals are redirected to malicious websites

The risks of link manipulation: the new method of hijacking corporate communications

Security experts at eSentire have discovered a new attack called “Wiki-Slack,” which uses edits to Wikipedia pages to redirect Slack users to malicious websites containing malware. It is necessary to raise awareness among companies about this type of attack and integrate cyber resilience into business processes.


Security experts at eSentire have revealed a new method through which attackers can divert business professionals to malicious websites. Known as the Wiki-Slack attack, this technique relies on modified Wikipedia pages and exploits a formatting error that occurs when the page is viewed on Slack.

Attack mode

To carry out the attack, threat actors select a Wikipedia article that may be of interest to the target, then modify it by adding a legitimate footnote at the end of the first paragraph and share the article on Slack. Although the note itself is not harmful, viewing the shared page on Slack causes a formatting error that makes a link not present on Wikipedia visible within the collaboration solution.

How the attack works

Once a business professional copies and pastes that Wikipedia entry into a Slack channel, the malicious link appears. If the grammar around the link is sufficiently well crafted, Slack users are tricked into clicking it, leading them to an attacker-controlled website where browser-based malware is hiding. This attack requires that the reference at the end of the first paragraph of the Wikipedia article be carefully placed and that the first word of the second paragraph be a top-level domain (TLD). Additionally, the two conditions must appear in the first 100 characters of the article.
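A defender-side check for the conditions described above, added here as an example and not taken from eSentire or the original article. The function name, the short TLD set and the sample text are constructed, and the check assumes the preview drops the footnote marker and the paragraph break, so that the last word of the first paragraph and the first word of the second read as one hostname.

```python
import re

# Small sample of country-code TLDs that are also common English words.
# Constructed for this example; a real check would load the full IANA TLD list.
WORDLIKE_TLDS = {"in", "at", "it", "is", "to", "so", "me", "us",
                 "my", "no", "be", "by", "as", "am"}

# Last word of a paragraph, its closing period, then footnote markers such as [1].
FOOTNOTE_END = re.compile(r"([A-Za-z0-9-]+)\.((?:\[\d+\])+)\s*$")
FIRST_WORD = re.compile(r"\s*([A-Za-z]+)\b")

# Constructed article text: first paragraph ends in a footnote,
# second paragraph opens with a word that is also a TLD.
SAMPLE = [
    "This constructed article describes a fictional product called Qexample.[1]",
    "In 2020 it expanded.",
]


def wiki_slack_candidate(paragraphs, window=100):
    """Return the hostname a preview could render, or None if the conditions fail."""
    if len(paragraphs) < 2:
        return None
    end = FOOTNOTE_END.search(paragraphs[0])
    start = FIRST_WORD.match(paragraphs[1])
    if not end or not start:
        return None
    tld = start.group(1)
    if tld.lower() not in WORDLIKE_TLDS:
        return None
    # Assumption: the preview removes the footnote marker and the paragraph
    # break, leaving "<word>.<TLD>" with no whitespace in between.
    joined = paragraphs[0][:end.start(2)] + tld
    # Both conditions have to fall inside the first `window` characters.
    if len(joined) > window:
        return None
    return f"{end.group(1)}.{tld}".lower()


if __name__ == "__main__":
    print(wiki_slack_candidate(SAMPLE))
```

A hit only means the text has the shape the attack needs; the referenced footnote and the resulting hostname still have to be reviewed before the article is treated as tampered.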

Prevention and advice

To prevent such attacks, it is advisable to raise awareness among organizations about browser-based attacks that can lead to malware infection. Furthermore, it is recommended to use endpoint monitoring and integrate cyber resilience into business processes. eSentire says it reported the identified issues to Slack.


10/30/2023 14:08

Editorial AI
