A security researcher found more than 300 instances of malware available for download on Wikileaks.
Amid the vast treasure trove of state secrets that Wikileaks has released are quite a few emails containing malware, a Bulgarian security researcher discovered this week.
Vesselin Bontchev, an engineer at Bulgaria’s National Laboratory of Computer Virology, found that the Wikileaks database currently contains more than 300 emails with malicious attachments, The Register reports.
Bontchev posted links to each of the emails on GitHub, as well as the URLs on the Wikileaks site that host the malware. Most of the emails are garden-variety phishing scams, the type that alert you to an important shipment or bank transfer coming your way and ask you to enter your personal details to confirm it.
One appeared to be imitating shipping giant Maersk, and purported to have an invoice confirmation attached. Many others originated from or were sent to email addresses with Turkish domain names, possibly linking them to the more than 300,000 emails Wikileaks published following the failed military coup in Turkey last month.
For each email, Bontchev included a link to online virus-scanning tool VirusTotal to confirm that the included attachment is indeed malware.
“The list is by no means exhaustive; I am just starting with the analysis,” he wrote on GitHub. “But what is listed below is definitely malware; no doubts about it.”
Wikileaks appears to offer no warnings on its website about potential malware contained in the emails it posts.
A Wikileaks spokesperson did not immediately respond to PCMag’s request for comment on how the organization screens email attachments.
After its 2010 release of American diplomatic cables propelled Wikileaks to international attention, the organization again generated controversy in the US last month when it posted hacked emails from the Democratic National Committee.
Founder Julian Assange has refused to identify the source of those emails, though many security experts—and the FBI—believe they may have been hacked by Russian cybercriminals.