New Attack Technique ‘Wiki-Slack’ Lures Business Professionals to Malicious Websites
Security researchers at eSentire have revealed a new attack technique known as the “Wiki-Slack attack,” which is designed to redirect business professionals to malicious websites.
In this clever tactic, attackers identify a subject in Wikipedia that could pique the interest of potential victims. They then navigate to the first page of the Wikipedia entry and make an edit, adding a legitimate referenced footnote to the entry. The real trick lies in causing a formatting error when this article is shared on Slack. Minor grammatical changes to the Wikipedia article facilitate the creation of a concealed link in Slack.
It’s essential to note that the footnote itself is not malicious. However, under specific conditions due to subtle grammatical alterations in the Wikipedia article, Slack inadvertently generates a hidden link.
Here are the three key conditions that must be met:
- The Wikipedia link must contain a reference at the end of the first paragraph.
- The first word of the second paragraph in the Wikipedia article must be a top-level domain (TLD) like com, net, us, etc.
- These two conditions should be present in the first 100 words of the Wikipedia article.
If these criteria are met, Slack mishandles the spacing between the first and second paragraph, producing a new link in Slack.
This tactic has the potential to mislead users into clicking on the link, subsequently leading them to a website controlled by the attacker, where browser-based malware could be waiting.
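The three conditions listed above can be checked before a Wikipedia link is trusted or shared. The following is an added example, not code from eSentire or from the original article; it assumes the article's lead is available as a list of plain-text paragraphs with footnote markers such as `[1]`, and the function name `check_lead` and the short TLD sample are hypothetical.

```python
import re

# Assumption: small illustrative sample; a real check would load the full IANA TLD list.
TLDS = {"com", "net", "us", "org", "in", "io", "co"}
# Footnote marker(s) such as [1] closing a paragraph (assumed plain-text rendering).
REF_AT_END = re.compile(r"(?:\[\d+\])+\s*$")
WORD_LIMIT = 100  # both conditions must fall within the first 100 words


def check_lead(paragraphs):
    """Return a finding dict if the lead meets all three conditions, else None."""
    if len(paragraphs) < 2:
        return None
    first, second = paragraphs[0], paragraphs[1]

    # Condition 1: a reference sits at the very end of the first paragraph.
    ref = REF_AT_END.search(first)
    if ref is None:
        return None

    # Condition 2: the first word of the second paragraph is a TLD.
    second_words = second.split()
    if not second_words:
        return None
    first_word = re.sub(r"\W+$", "", second_words[0])
    if first_word.lower() not in TLDS:
        return None

    # Condition 3: the paragraph break occurs within the first 100 words.
    body_words = first[:ref.start()].split()
    tld_position = len(body_words) + 1
    if tld_position > WORD_LIMIT:
        return None

    last_word = re.sub(r"\W+$", "", body_words[-1]) if body_words else ""
    return {"last_word": last_word, "tld": first_word.lower(),
            "tld_word_position": tld_position}


if __name__ == "__main__":
    # Constructed sample lead, not taken from a real article.
    sample = ["Example Widget is a constructed article used for this test.[1]",
              "In later years the widget was redesigned."]
    print(check_lead(sample))
```

A finding means the page should be reviewed by hand before its Slack preview is trusted; the reported word pair shows where the paragraph break sits.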
eSentire researchers identified more than 1,000 instances of this unintended artifact. They emphasized that attackers could exploit Wikipedia statistics to select pages with high traffic and employ the Wiki-Slack technique for their attacks.
The Wiki-Slack attack is a numbers game, and attackers could potentially scale it rapidly using ChatGPT or similar Large Language Models (LLMs).
To protect against browser-based attacks that can result in malware infections, organizations are encouraged to remain vigilant. Employing endpoint monitoring and embedding cyber resilience into their processes can help mitigate exposure to such attacks.
Source: securityaffairs.com