
Wiki-Slack attack: how business professionals are redirected to malicious websites

The risks of link manipulation: the new method of hijacking corporate communications

Security experts at eSentire have discovered a new attack called “Wiki-Slack,” which uses edits to Wikipedia pages to redirect Slack users to malicious websites containing malware. It is necessary to raise awareness among companies about this type of attack and integrate cyber resilience into business processes.


Security experts at eSentire have revealed a new method through which attackers can divert business professionals to malicious websites. Known as the Wiki-Slack attack, this technique relies on modified Wikipedia pages and exploits a formatting error that occurs when the page is viewed on Slack.

Attack mode

To carry out the attack, threat actors select a Wikipedia article that may be of interest to the target, modify it by adding a legitimate footnote at the end of the first paragraph, and share the article on Slack. Although the note itself is not harmful, when the shared page is viewed on Slack a formatting error makes a link that is not present on Wikipedia visible within the collaboration solution.

How the attack works

Once a business professional copies and pastes that Wikipedia entry into a Slack channel, the malicious link appears. If the grammar around the link is sufficiently well crafted, Slack users are tricked into clicking it, which leads them to an attacker-controlled website hosting browser-based malware. The attack requires that the reference at the end of the first paragraph of the Wikipedia article be carefully placed and that the first word of the second paragraph be a top-level domain (TLD). Additionally, both conditions must appear in the first 100 characters of the article.
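
The three conditions described above can be checked on an article extract before it is shared in a channel. The following is an added example, not code from eSentire or Slack; the function name `check_extract`, the `[n]` footnote marker form, the short TLD sample and the way the 100 characters are counted are assumptions.

```python
import re

# Constructed sample of country-code TLDs that are also common English words
# (assumption: a real check would load the full IANA TLD list).
SAMPLE_TLDS = {"in", "at", "it", "is", "to", "by", "so", "me", "as", "be", "no", "us"}
FOOTNOTE_AT_END = re.compile(r"\[\d+\]\s*$")  # assumed marker form, e.g. [1]
WINDOW = 100  # character limit stated in the article


def check_extract(text, tlds=SAMPLE_TLDS, window=WINDOW):
    """Report which of the three described preconditions hold for an extract.

    text: plain-text start of an article, paragraphs separated by a blank line.
    """
    result = {"footnote_at_end": False, "tld_first_word": False,
              "within_window": False, "flag": False}
    paragraphs = [p.strip() for p in re.split(r"\n\s*\n", text.strip()) if p.strip()]
    if len(paragraphs) < 2:
        return result
    first, second = paragraphs[0], paragraphs[1]
    match = re.match(r"[A-Za-z]+", second)
    word = match.group(0) if match else ""
    result["footnote_at_end"] = bool(FOOTNOTE_AT_END.search(first))
    result["tld_first_word"] = word.lower() in tlds
    # Offset at which the second paragraph's first word ends, counting the
    # paragraph break as one character (assumption about how to measure).
    result["within_window"] = len(first) + 1 + len(word) <= window
    result["flag"] = (result["footnote_at_end"] and result["tld_first_word"]
                      and result["within_window"])
    return result


# Constructed sample extracts, not real Wikipedia content.
SUSPECT = ("Example Corp is a fictional company used here.[1]\n\n"
           "In 2020 it opened a second office.")
NO_FOOTNOTE = SUSPECT.replace("[1]", "")
LONG_LEAD = ("Example Corp is a fictional company. " * 3
             + "It exists only in this sample.[1]\n\nIn 2020 it moved.")

if __name__ == "__main__":
    for name, sample in [("SUSPECT", SUSPECT), ("NO_FOOTNOTE", NO_FOOTNOTE),
                         ("LONG_LEAD", LONG_LEAD)]:
        print(name, check_extract(sample))
```

A flagged extract is a prompt to review the article's recent edit history before trusting any link shown in the Slack preview.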

Prevention and advice

To prevent such attacks, it is advisable to raise awareness among organizations about browser-based attacks that can lead to malware infection. Furthermore, it is recommended to use endpoint monitoring and integrate cyber resilience into business processes. eSentire says it reported the identified issues to Slack.


10/30/2023 14:08

Editorial AI
