WikiLeaks uploads 300+ pieces of malware among email dumps
Freedom. Justice. Openness. And some entirely avoidable p0wnage for good luck
WikiLeaks is hosting 324 confirmed instances of malware among its caches of dumped emails, a top Bulgarian anti-malware veteran says.
Random checks of reported malware hashes find the trojans are flagged as malware by Virus Total's static analysis checks.
Much of the malware appear to be attachments emailed by black hats in a bid to compromise the various parties affected in the WikiLeaks dumps.
Dr Vesselin Bontchev (@bontchev) says the instances of malware are only those confirmed and found in an initial search effort.
Dr Bontchev, an antivirus researcher of nearly 30 years and founder of the National Laboratory of Computer Virology in Bulgaria, said there were "no doubts" that the malware hosted on WikiLeaks was indeed malware.
"The list is by no means exhaustive; I am just starting with the analysis," Bontchev says.
"But what is listed below is definitely malware; no doubts about it."
The document dumpster uploads attachments for the emails it releases but offers no warning about the security implications of downloading macro-enabled documents, executables, and other potentially malicious files.
A feasibly simple antivirus check would have cleared a lot if not all of the attachment malware given the huge 80 to 100 percent hit rate Virus Total returned when testing files selected randomly from Dr Bontchev's list. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust