WikiLeaks published more than 80 variants of malware in the second email dump from Turkey’s ruling political party (AKP), according to security expert Vesselin Bontchev, who is also known by the pseudonym Dark Avenger.
Bontchev published his research on his GitHub page, which shows just how extensive the threats inside the WikiLeaks AKP email dump were. This is just the latest example of unethical leaking to come from the whistleblowing organisation. In July, the site was criticised for “putting women in danger” by publishing sensitive information about every female voter in 79 of 81 Turkish provinces. Now, there is yet another reason to refer to the AKP email dump as dangerous and poorly executed.
Anyone searching the WikiLeaks database can easily download malware attachments by clicking on the wrong link. Dr. Bontchev disclosed the links safely in his report, and also said his findings were “by no means exhaustive.” He said most of the malware discovered was “run-of-the-mill” spam, scams and phishing attacks inciting you to click on the attachment, which is terrible news for journalists and anti-censorship advocates investigating the leak.
Dr. Vesselin Bontchev identified more than 80 links to malware included in the Wikileaks AKP database. (Image: Wikileaks)
The published report breaks each finding into three pieces: a link to the original email in the WikiLeaks database, a link to the malicious attachment hosted on the WikiLeaks website, and a VirusTotal analysis of the attachment. The vast majority of the malware links appear to deploy ransomware or remote access trojans. Neither would be good for an ordinary citizen to download.
The most alarming thing about the findings is that they’re only a small subset of the total information published by WikiLeaks over the past few months. Bontchev insinuated on Twitter that the size of the threat could actually be in the thousands rather than in the dozens as he initially reported.
Took a peek now. Hooo, boy! Normally, 84 malicious DOCM attachments. Include spam? 962. Include duplicates? 2093. And that's just DOCM.
— Vess (@VessOnSecurity) August 14, 2016
Researchers have questioned the moral legitimacy of the AKP email dump since the beginning. New York Times reporter Zeynep Tufekci has pulled no punches in publicly shaming WikiLeaks since the original AKP email dump. She wrote that the newest batch of leaks “have nothing on Turkey’s political power structure” and contain “personal info of ordinary people as they email inquiring for jobs, share travel plans.”
@VessOnSecurity As far as I can tell, more mailing lists (with mundane news articles); spam; overwhelmingly ordinary people, mundane emails.
— Zeynep Tufekci (@zeynep) August 14, 2016
WikiLeaks has not yet responded to the latest allegations that it published dozens of malware attachments. Even if the organisation comments, it’s unlikely that the editors would show any remorse. It appears that the organisation has basically given up on trying to leak things ethically.