
posted by takyon on Monday August 22 2016, @01:02PM
from the dump-for-the-chumps dept.

WikiLeaks is hosting 324 confirmed instances of malware among its caches of dumped emails, a top Bulgarian anti-malware veteran says. Random checks of the reported malware hashes find the trojans are flagged as malware by VirusTotal's static analysis checks.

Much of the malware appear to be attachments emailed by black hats in a bid to compromise the various parties affected in the WikiLeaks dumps.

Dr Vesselin Bontchev (@bontchev) says the instances of malware are only those confirmed and found in an initial search effort. [...] "The list is by no means exhaustive; I am just starting with the analysis," Bontchev says.
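A defensive counterpart to the hash checks the summary describes, added here as an example and not code from the article or from Bontchev's analysis: it pulls the attachments out of a message parsed from a dump, hashes each one without ever opening or rendering it, and compares the digests against a blocklist. The message and the blocklist are constructed stand-ins, since the page lists no hashes.

```python
import hashlib
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser


def build_sample_message() -> bytes:
    """Construct a throwaway message with two attachments (constructed sample, not dump data)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.invalid"
    msg["To"] = "recipient@example.invalid"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached files.")
    msg.add_attachment(b"%PDF-1.4 harmless placeholder",
                       maintype="application", subtype="pdf", filename="invoice.pdf")
    msg.add_attachment(b"MZ placeholder executable bytes",
                       maintype="application", subtype="octet-stream", filename="invoice.exe")
    return msg.as_bytes()


# Stand-in blocklist: the article names no hashes, so this set is constructed from the
# sample's own "executable" so that the check below has something to match against.
KNOWN_BAD_SHA256 = {hashlib.sha256(b"MZ placeholder executable bytes").hexdigest()}


def attachment_hashes(raw_message: bytes):
    """Return [(filename, sha256hex)] for every attachment; payloads are hashed, never opened."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_message)
    results = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""  # decode=True undoes base64/QP transfer encoding
        results.append((part.get_filename() or "<unnamed>", hashlib.sha256(data).hexdigest()))
    return results


def flag_known_bad(raw_message: bytes, blocklist=KNOWN_BAD_SHA256):
    """Names of attachments whose hash is on the blocklist; unflagged ones still deserve sandboxing."""
    return [name for name, digest in attachment_hashes(raw_message) if digest in blocklist]


if __name__ == "__main__":
    sample = build_sample_message()
    for name, digest in attachment_hashes(sample):
        print(f"{digest}  {name}")
    print("flagged:", flag_known_bad(sample))
```

A hash match only catches samples someone has already catalogued; an attachment that misses the blocklist is unknown, not clean.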

  • (Score: 1, Interesting) by Anonymous Coward on Monday August 22 2016, @04:52PM (#391720)

    Wikileaks deals with trust problems more than most platforms. When they get leaks, they need to do minimal editorializing.

    They have trust issues because they selectively release information. They decide what gets released when so as to maximize the impact of the information. Putting aside their cozy Russian relationship for the moment, why the hell should I believe anything out of them if they're going to shape the information and discussion? The most ardent supporters of them and Assange base their support upon the fact that what they choose to release fits nicely with what they already believe, so it therefore must be true. I'd rather take what I can get from MSNBC or Fox News, who provide their versions of context but provide the information nonetheless, than get partial information with no context.

    "I've got some more great Hillary email stuff but I'm going to release it in October closer to the election" is less the cry of someone whose primary concern is getting information out than it is of someone who wants to manipulate events.

  • (Score: 0) by Anonymous Coward on Monday August 22 2016, @05:10PM (#391729)

    I don't see attention grabbing necessarily as a negative thing, but at this point I'm beginning to wonder what smoking gun they could possibly have. Clinton is the nominee now, so that damage has been done. We know about the classified stuff on the private server. We know about the DNC corruption. It wasn't enough. Could have released it then and had a slam-dunk for the D team with Sanders as the nominee.

    Even looking past the obvious disinformation and propaganda, an October surprise would have to be one helluva leak.

    • (Score: 0) by Anonymous Coward on Tuesday August 23 2016, @07:32AM (#392022)

      Could have released it then and had a slam-dunk for the D team with Sanders as the nominee.

      Probably not. The owners of the country want one of their candidates, and on the D side, that is Hillary. They would be counting on the population forgetting quickly (i.e. before the election), and they would likely be right. And even if the leak did manage to move a few percent, that would just move it to Trump, another candidate from the rich.

      Wikileaks are either trying to keep the talk going, to make it seem like more than it is, or they have something they hope will move enough votes to hurt both parties enough that we will see real change. Personally, I'm guessing it's the former; to see real change would take a huge scandal.

  • (Score: 2) by Hyperturtle (2824) on Monday August 22 2016, @10:33PM (#391902)

    I'm not sure I understand why anyone would think this is an attack article, when even El Reg, the writer of the article, points out what I thought was already clear:

    "Much of the malware appear to be attachments emailed by black hats in a bid to compromise the various parties affected in the WikiLeaks dumps."

    Wikileaks has put up the contents of everything, which means a few things:

    1) They are not filtering the content for editorialization or other purposes
    2) There are numerous attachments that are infected, all of which are worthy of review by people and agencies smarter than any of us can let on to
    3) The leaker had a good perspective, because they managed to capture all of this and not get the malware cleansed by their own anti-virus software, or in-transit.
    4) Wikileaks also does not scrub uploads, and are clearly careful with their content handling

    Unless 5) the leaker and wikileaks are now 0wn3ed by numerous third parties

    Keep in mind 6) the leaker is not likely to have [deliberately] left traces of their own tools used to get this dump of emails; not unless 7) they left their lockpicks in front of the safe since it's not good to use them again later due to 8) forensic analysis, like that happening as discussed in the fine article, that could tie it back to some other hack down the road, or previous unsolved mysteries.

    Taken from an objective viewpoint, it is clear that this demonstration is one of skill and professionalism; no one placed malware inside the dump to infect the unwary; it is the unwary that have managed to get themselves infected due to not realizing professionals are lurking within their midst. This malware was all intended for something else, but the bycatch will prove interesting to various someones.

    When the moth is attracted to the flame, it may get killed by that attractive glow. Much like people that review wikileaks dumps from a compromising position of unpreparedness, be it through ignorance or otherwise.

    I imagine that, due to the rush of moths, there are a number of third parties that have an 'in' inside a number of news agencies now as well -- if they didn't already.

    Many of these are likely no longer properly working anyway; tethers get cut when the word gets out. That won't stop a payload from deploying headless, but I imagine some will also refuse to run at all due to being on the wrong host, like a parasite that can't infect the animal it's on.

    It still is a minefield to navigate for the unwary. That there are so many *identified* instances makes one worry about what's left, the ones not easily found.