Security Experts:

Users Warned of Malware After Ads Reported on Wikipedia Site

Wikimedia, the foundation responsible for information hub Wikipedia, is warning users that if they see ads on the encyclopedia’s webpage, their system might be infected with malware. The ads in question are not the ones asking for donations that show up once a year, but for-profit related adverts.

“We never run ads on Wikipedia. Wikipedia is funded by more than a million donors, who give an average donation of less than 30 dollars. We run fundraising appeals, usually at the end of the year. If you’re seeing advertisements for a for-profit industry or anything but our fundraiser, then your web browser has likely been infected with malware,” Wikimedia’s Philippe Beaudette wrote on the foundation’s blog.

“Ads injected in this manner may be confined to some sites, even just to Wikipedia, or they may show up on all sites you visit. Browsing through a secure (HTTPS) connection may cause the ads to disappear, but will not fix the underlying problem...”

The blog post mentioned additional causes for the ads, including hijacked browsers, which have been taken over by toolbars that display ads within websites or injected advertisements that come from an ISP.

Disabling browser add-ons is the first step to determining the issue, but if the system is infected with malware that wont remove the underlying problem. Obviously, using anti-virus software will help, but most AV programs allow toolbars.

It’s only recently that some browser add-ons are being blocked or disabled due to the fact that they inject content through the browser, which is often seen as a malicious act. However, more often than not, browser toolbars are legitimately installed. They often come packaged within Shareware or Trialware installations.

Some are shady, such as the “I Want This” toolbar for Chrome, which Wikimedia mentions in their post on the topic. The distributers of “I Want This” earn money from affiliate marketing and ad distributions. Other toolbars are useful, such as WOT, which rates search results and websites based on community reports of trustworthiness.

No matter what though, “you won’t be seeing legitimate advertisements on Wikipedia,” added Beaudette.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.