The Wikimedia Foundation is warning its millions of visitors that if they’re seeing ads appearing on any of the Foundation’s Web sites, then their computer is probably infected with malware.
The Foundation issued a statement on Monday clarifying that it never runs ads on the Web site for Wikipedia, the massive, crowd-sourced encyclopedia. Visitors who are seeing ads for for-profit firms have likely been the victim of a Web based attack, including malicious browser plug-ins, the statement reads.
A variety of malicious browser extensions for Chrome, Firefox and Internet Explorer are responsible for the ads, Wikimedia Foundation Director of Community Advocacy Philippe Beaudette explained. Alternatively, users may be accessing the Web by way of a free Internet connection that injects the ads into the Web pages the viewer loads. “But rest assured: you won’t be seeing legitimate advertisements on Wikipedia.”
The warning from Wikimedia comes amid other reports of widespread attacks from compromised Web sites. Web security firm zScaler reported yesterday that 621 of the one million most trafficked Web sites were serving malicious comments. Many of those were legitimate sites that had been compromised by online scammers and cyber crime groups.
Also, on Tuesday, the group ShadowServer reported that cyber criminals and groups engaged in targeted cyber espionage are increasingly using drive by exploits hosted on legitimate, but compromised Web servers.
Wikimedia advised its readers to disable browser add-ins on any Web browser that they use and to run a malware scan on their machine if they have concerns.