Wikimedia blog

News from the Wikimedia Foundation and about the Wikimedia movement

If you’re seeing ads on Wikipedia, your computer is probably infected with malware

We never run ads on Wikipedia. Wikipedia is funded by more than a million donors, who give an average donation of less than 30 dollars. We run fundraising appeals, usually at the end of the year. If you’re seeing advertisements for a for-profit industry (see screenshot below for an example) or anything but our fundraiser, then your web browser has likely been infected with malware.

Screenshot of the Wikipedia article on John Slattery, with an advertisement for Inkfruit injected by malware on the user's computer

Malware installed on your computer may inject advertising into a page on popular websites, such as this Wikipedia article. This is an example that we've seen in the wild. Note the tiny text "ads not by this site" immediately below the ad, which may or may not appear next to these types of injected advertisements.

One example that we have seen installs itself as a browser extension. The extension is called “I want this” and installs itself in Google Chrome. To remove it:

  • Open the options menu via the “pipe-wrench” icon on the top right, and choose Settings.
  • Open the Extensions panel and there is the list of extensions installed.
  • Remove an Extension by clicking the Remove button next to an item.

There is likely other similar malware that injects ads into Chrome, Firefox, Internet Explorer and other popular browsers. If you see examples that you can document, please point them out in the comments.

Ads injected in this manner may be confined to some sites, even just to Wikipedia, or they may show up on all sites you visit. Browsing through a secure (HTTPS) connection (which you can automate using the HTTPS everywhere extension) may cause the ads to disappear, but will not fix the underlying problem.

Disabling browser add-ins is a good starting point to determine the source of these types of ads. This does not necessarily fix the source of the problem either, as malware may make deep changes to your operating system. If you’re comfortable attempting a malware scan and removal yourself, there are various spyware/malware removal tools. Popular and well-reviewed solutions include Ad-Aware and Malwarebytes. But be aware that these types of tools may also bundle software, or leave your computer in an unusable state.

If in doubt, have your computer evaluated for malware by a competent and qualified computer repair center.

There is one other reason you might be seeing advertisements: Your Internet provider may be injecting them into web pages. This is most likely the case with Internet cafes or “free” wireless connections. This New York Times blog post by Brian Chen gives an example.

But rest assured: you won’t be seeing legitimate advertisements on Wikipedia.

We’re here to distribute the sum of human knowledge to everyone on the planet — ad-free, forever.

Philippe Beaudette, Director of Community Advocacy
Erik Moeller, Vice President of Engineering and Product Development

124 Responses to “If you’re seeing ads on Wikipedia, your computer is probably infected with malware”

    1 2 3 7
  1. mikec says:

    thanks for the info i had something similar on FireFox and thanks for the malware tips
    it save my laptop keep up the good work

  2. Reptilian says:

    Always use a virus scanner. I notice that sometimes there’s some program I’m not familiar with that’s installed in my programs and then I get get rid of it.

  3. logo says:

    dont know but you can tell the owner of the website to remove it

  4. Adiuseg says:

    I see not the naked eye ads in the articles of Wikipedia, but what I have found lately are some words with a hyperlink and subrrayadas in these articles. When you spades in those words you come across an ad for a something called Powered by Text – Enhance. I think this is another form of advertising that are sending the items.

  5. Is there anything the legal team can do about this? It hurts the Wikipedia brand (and those of the other projects) when this happens, being that Wikipedia markets itself as being ad free.

    • Philippe Beaudette says:

      Hi Sven,

      The legal team is actively involved in this, and we’re not ruling out any of the options at this point.

      Best,
      pb

  6. BAR says:

    > Open the options menu via the “pipe-wrench” icon on the top right, and choose Settings.

    The Chrome customize/control icon is not a pipe-wrench:

    http://en.wikipedia.org/wiki/File:Chrome17.png

    http://en.wikipedia.org/wiki/Pipe_wrench

  7. Rash says:

    I have 6 Extensions, but with name “I want this” i do not have. What should i do? My extensions are “GamePlayLabs Plugin 1.0, General Crawler 2.5, Mehr Leistung und Videoformate für dein HTML5 2.1.2.145, RewardsArcade 1.17.82, Skype Click to Call 5.9.0.9216, and Unfriend Finder 37″….pls help me…i use wikipedia every day and this bothers me alot. tx

  8. Sharma says:

    Can you see that wrench shaped option on the top right of your Chrome? Click on it and select Settings. In that, go to ‘Extensions’. There you will see some unwanted add ons installed. Remove them.

  9. cm-t says:

    Or it means you are using a spoof/custom miror/fork website like http://wikipedia (dot) orange [dot] fr

    How to fix:
    Methode (recommended) A:
    - You can change the url in your adress bar to http://wikipedia.org
    Methode B:
    - You can edit your host file (depends on your operating system) and make wikipedia.orange.fr pointing to wikipedia.org
    Methode C:
    - You can use an add-on that bloc ads. Many of these add-ons are able to, on a clic/bloc this, hide ads.
    Methode D:
    - goto Methode A

    ؟

  10. no spam says:

    read the article. also, no sane person would install a “coded” on google chrome or any other browser. get a clue.

  11. no spam says:

    go away, spammer

  12. Jon Galloway says:

    Can I opt in to those real ads instead of the fake Jimmy Wales ads? I might want to buy a T-Shirt, but I can’t buy Jimmy Wales and he keeps coming back.

  13. Nanya says:

    Oh gosh I was annoyed to the core that Wiki has started ads just like Blog.com and all the other places, but it’s such a relief to see this post, and figure out that it was just a malware! No i don’t see no more ads :)

  14. jonathan says:

    ipensatori identified an ad injector that was exploiting wikipedia a few weeks ago (it doesn’t get picked up by modern a/v scanners):

  15. jhony says:

    thanks for informing!! i was not aware of that, but i m fine with my lap. & my wiki.. :)

  16. thehealthorganization says:

    For a moment there I thought Wikipedia had turned to the “dark-side” by making everything commercial, until I saw this post of course.

    How did you remove the Codec from Google Chrome?

  17. Sharma says:

    Yep, I had this Codec add on in my Google Chrome, which made the ads visible. I removed it, and the problem is fixed. Thank You.

  18. 陈少举 says:

    in china ,so many isp use “Deep packet inspection” ( http://en.wikipedia.org/wiki/Deep_packet_inspection ) change webpage content, insert advertisement like this: http://twitpic.com/96pwwe .
    i think probability is your ISP doing same thing.

  19. Rehman says:

    Was just about to post a topic regarding this, as one of my laptops does show similar ads. Thanks for the post! :)

  20. To remove this kind of malware is never install any update of any browser from untrusted sources and keep firewall on with antivirus updated. Visit saurabhpmandal.blogspot.com for more useful information on pc virus and malware protection.

Leave a Reply