Reg comments47

WikiLeaks uploads 300+ pieces of malware among email dumps

Freedom. Justice. Openness. And some entirely avoidable p0wnage for good luck

WikiLeaks is hosting 324 confirmed instances of malware among its caches of dumped emails, a top Bulgarian anti-malware veteran says.

Random checks of reported malware hashes find the trojans are flagged as malware by Virus Total's static analysis checks.

Much of the malware appear to be attachments emailed by black hats in a bid to compromise the various parties affected in the WikiLeaks dumps.

Dr Vesselin Bontchev (@bontchev) says the instances of malware are only those confirmed and found in an initial search effort.

Dr Bontchev, an antivirus researcher of nearly 30 years and founder of the National Laboratory of Computer Virology in Bulgaria, said there were "no doubts" that the malware hosted on WikiLeaks was indeed malware.

"The list is by no means exhaustive; I am just starting with the analysis," Bontchev says.

"But what is listed below is definitely malware; no doubts about it."

The document dumpster uploads attachments for the emails it releases but offers no warning about the security implications of downloading macro-enabled documents, executables, and other potentially malicious files.

A feasibly simple antivirus check would have cleared a lot if not all of the attachment malware given the huge 80 to 100 percent hit rate Virus Total returned when testing files selected randomly from Dr Bontchev's list. ®

Sign up to our Newsletter

Get IT in your inbox daily

Biting the hand that feeds IT © 1998–2017