Serious security breach in Wikipedia

Hackers can use a loophole in one of the world’s largest Web sites to remotely take control of it and plant malware in it. The same loophole also affects hundreds of thousands of other sites.

A particularly severe security breach was discovered in the MediaWiki platform, which is relied on by hundreds of thousands of websites across the net, including the online encyclopedia Wikipedia, one of the ten most viewed websites on the Internet.

The loophole is of the RCE (Remote Code Execution) type, one of the deepest and most serious kinds of loophole that can be found on a website: it allows code to be executed remotely on the site.

This is the third RCE-type breach discovered in MediaWiki since its launch in 2006. It is probably the most serious of them, because it does not require special tools, browser extensions or advanced knowledge. Anyone can use the loophole from a browser, and it is very simple to perform.

Even worse, the loophole allows a hacker to gain full access to the web server on which the website is stored, with all the related implications. The hacker can access the database of the site, the organizational intranet that is connected to the site, its users and more. Hackers can also easily plant malicious code in the site and turn any Wiki site into a distributor of spyware and Trojans. In the case of Wikipedia, the hackers could also gain access to all the details of the editors and the editorial history.

The Wikimedia Foundation has already been notified about the breach, and quickly patched the security hole on Wikipedia by releasing version 1.22.2 of the platform, which includes security updates. It is expected that most independent sites will quickly repair the fault as well. As mentioned, the official website of Wikipedia has already been fixed.

Because MediaWiki is an open-source platform based on PHP, anyone can use it to create free private and public Wikipedia-style websites. There are now hundreds of thousands of Wikis in the world, some of which deal with subjects such as books, movies and TV series. There are also quite a few internal Wikis at organizations such as banks and universities; all of them are based on MediaWiki and all are vulnerable to attack.

The Wikipedia site combines over 400 thousand Wiki communities, which together have more than 200 million visitors a month.

It is unknown how many Wiki sites there are all over the world, but the number may be higher than one million. Not all Wiki sites are vulnerable: only those that allow uploading of files such as PDF and other formats are affected.

However, this is a very popular feature that is implemented in most Wiki sites.