Veteran anti-virus researcher Vesselin Bontchev has discovered that there are thousands of samples of malware available for download from the WikiLeaks website.
The malware found by Bontchev is found in a large tranche of emails leaked from AKP, a Turkish political party.
Since many of the AKP members have been recipients of malware sent by e-mail (most likely random spam but could have also been targeted attacks), the received malware in the e-mails is also present in the dump. As a result, the Wikileaks site is hosting malware. For the record, I consider this to be extremely irresponsible from the part of Wikileaks. Malware distribution is not “journalism” by any definition of the term.
Bontchev found 3277 malicious files on the WikiLeaks site, accessible to anyone on the internet via a single click.
Of course, it’s perfectly possible that the true number of malware samples published on the WikiLeaks site is much larger than this. Bontchev’s focus so far has been on one particular email dump, and used the VirusTotal service to determine if a file was identified as malicious or not.
Furthermore, one cannot discount the possibility that some of the email dumps published by WikiLeaks contain targeted attacks that are not presently detected by any anti-virus product.
WikiLeaks has been criticised before for its unwillingness to curate the leaked information that it leaks – by, amongst others, no less than Edward Snowden.
Anti-virus industry old-timers like me and Bontchev are left with our heads in our hands when we hear that WikiLeaks is apparently making no efforts whatsoever to prevent its readers from encountering malware samples.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.