Watch Out for Malware in Those Wikileaks Email Dumps

A security researcher found more than 300 instances of malware available for download on Wikileaks.

By Tom Brant
August 19, 2016

Amid the vast treasure trove of state secrets that Wikileaks has released are quite a few emails containing malware, a Bulgarian security researcher discovered this week.

Vesselin Bontchev, an engineer at Bulgaria's National Laboratory of Computer Virology, found that the Wikileaks database currently contains more than 300 emails with malicious attachments, The Register reports.

Bontchev posted links to each of the emails on GitHub, as well as the URLs on the Wikileaks site that host the malware. Most of the emails are garden-variety phishing scams—the type that alert you to an important shipment or bank transfer coming your way and ask you to enter your personal details to confirm it.

One appeared to be imitating shipping giant Maersk, and purported to have an invoice confirmation attached. Many others originated from or were sent to email addresses with Turkish domain names, possibly linking them to the more than 300,000 emails Wikileaks published following the failed military coup in Turkey last month.

For each email, Bontchev included a link to online virus-scanning tool VirusTotal to confirm that the included attachment is indeed malware.

"The list is by no means exhaustive; I am just starting with the analysis," he wrote on GitHub. "But what is listed below is definitely malware; no doubts about it."

Wikileaks appears to offer no warnings on its website about potential malware contained in the emails it posts. A spokesperson did not immediately respond to PCMag's request for comment on how it screens email attachments.

After its 2010 release of American diplomatic cables propelled Wikileaks to international attention, the organization again generated controversy in the US last month when it posted hacked emails from the Democratic National Committee. Founder Julian Assange has refused to identify the source of those emails, though many security experts—and the FBI—believe they may have been hacked by Russian cybercriminals.
