WikiLeaks hosts hundreds of malware files in email dumps

The confidential file publisher has not considered the security implications of mass email uploads, it seems.
Written by Charlie Osborne, Contributing Writer

WikiLeaks is reportedly hosting over 300 malware samples among the website's cache of leaked emails.

As reported by The Register, Bulgarian security researcher Dr Vesselin Bontchev claims that the malware, of which there are at least 300 files hosted, has been found within the recent email dump of communication from the Turkish party AKP.

The cache is a raw dump and Bontchev notes that there does not seem to have been any "processing of any kind" -- such as a simple malware and virus scan. As a result, the results of little more than a quick check has revealed the security risk that users of WikiLeaks perusing the files now face.

"Since many of the AKP members have been recipients of malware sent by e-mail (most likely random spam but could have also been targeted attacks), the received malware in the emails is also present in the dump," the researcher says.

Antivirus scans provided by VirusTotal show that the malware being hosted by WikiLeaks includes various Trojans, Windows exploits, and Java-based malicious code.

The full list of compromised emails with their virus results can be found here.

Many of the emails which contain malware, sent to various members of the AKP, stem from phishing campaigns.

WikiLeaks is a valuable resource for many, including journalists and activists, but perhaps including a simple warning or launching a malware check before mass-uploading such documents would be worth implementing.

ZDNet has attempted to get in touch with a WikiLeaks representative outside of business hours and will update if we hear back.

The 10 step guide to using Tor to protect your privacy

Editorial standards