The entry for the MSBlast worm in notice published Friday.was altered to include false information about , with links to a supposed fix, according to Sophos. The fix was actually a piece of malicious code, the antivirus vendor said in a
It's not clear how long the vandalized page was live, but the editors of Wikipedia.de moved quickly to delete the links once they were discovered.
However, because Wikipedia archives old versions of articles, the hackers were still able to send links to the archived entry through a mass-mailed e-mail. This e-mail purported to be from Wikipedia, and. Because the e-mails linked to a legitimate Web site, they were able to bypass some antispam solutions, Sophos reported on Friday.
"The good news is that the authorities at Wikipedia quickly identified and edited the article on their site," Graham Cluley, senior technology consultant at Sophos, said in a statement. "Unfortunately, however, a version of the page remained in the archive, allowing the hackers to send out spam and continue to direct visitors to the malicious code."
Wikipedia confirmed that it has now permanently erased all versions of the page, according to German news site Heise Online.
Tom Espiner of ZDNet UK reported from London.