Now WikiLeaks is distributing malware

Graham Cluley

Cluley 250 thumb

Veteran anti-virus researcher Vesselin Bontchev has discovered that there are thousands of samples of malware available for download from the WikiLeaks website.

The malware found by Bontchev is found in a large tranche of emails leaked from AKP, a Turkish political party.

Bontchev writes:

Since many of the AKP members have been recipients of malware sent by e-mail (most likely random spam but could have also been targeted attacks), the received malware in the e-mails is also present in the dump. As a result, the Wikileaks site is hosting malware. For the record, I consider this to be extremely irresponsible from the part of Wikileaks. Malware distribution is not “journalism” by any definition of the term.

Bontchev found 3277 malicious files on the WikiLeaks site, accessible to anyone on the internet via a single click.

Of course, it’s perfectly possible that the true number of malware samples published on the WikiLeaks site is much larger than this. Bontchev’s focus so far has been on one particular email dump, and used the VirusTotal service to determine if a file was identified as malicious or not.

Furthermore, one cannot discount the possibility that some of the email dumps published by WikiLeaks contain targeted attacks that are not presently detected by any anti-virus product.

WikiLeaks has been criticised before for its unwillingness to curate the leaked information that it leaks – by, amongst others, no less than Edward Snowden.

Anti-virus industry old-timers like me and Bontchev are left with our heads in our hands when we hear that WikiLeaks is apparently making no efforts whatsoever to prevent its readers from encountering malware samples.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

6 Replies to “Now WikiLeaks is distributing malware”

  1. I would have loved to post that picture of Picard and Riker sitting beside each other simultaneously doing the ( Face Palm )

    But I read last night, the DNC was telling their people not to visit Wikileaks because of the "thousands of malware" hosted on the site. We all thought it was a scare tactic, and actually we did not know it had some truth to it. Still, I'll take a pass though. I'll just wait for the Hilary stories to hit the press.

  2. I've had mixed views about WikiLeaks, but it seems it's lost it's focus/purpose over the years.

    Placing people's lives at risk and distributing malware for the sake of 'journalism' isn't journalism.

  3. 'WikiLeaks has been criticised before for its unwillingness to curate the leaked information that it leaks – by, amongst others, no less than Edward Snowden.'

    Surely that is extremely ironic, quite hypocritical, very telling or some combination?

    On the other hand, according to the BBC:

    'An investigation by the Associated Press has found the names and addresses of teenage rape victims, people who have suffered sexual abuse, and information about individuals suffering mental illness in documents on Wikileaks.'

    And that is absolutely disgusting. Unwillingness? Maybe laziness? Incompetence? Lack of ethics? I think the latter is esp true with what the BBC cites and arguably all the others too. That they've spread malware is also quite bad.

    I do think Snowden had good intentions however (can't prove it of course) but whether his execution was good or not I don't know; Wikileaks clearly is worse in that regard.

  4. Does no one even look at what was found anymore? All of the *infected* emails look like generic spam we all have in our gmail spam folders right now..

  5. My niece has encountered this malwares upon visiting the sites. There are never ending prompts from my ESET Antivirus that I had to shut down my laptop. Glad that all the malwares are gone now.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES