Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


WikiLeaks’ Exposed Stratfor Trove Maligned with Malware

A system administrator Josh Wieder who recently visited WikiLeaks discovered malware laced into documents of the publicly exposed Stratfor, stated techworm.net dated July 19, 2015.

Austin, Texas (US) situated American think tank, Stratfor that handles security issues, during late 2011, became victim of a hack by Jeremy Hammond. Hammond the hacker forwarded the e-mail archive of the company to WikiLeaks during early the next year. WikiLeaks, as it handles any other leaked file coming into its grip, publicized the dump.

Wieder scanned all the 5m electronic mails dumped together just for discovering malicious software inside most of the files.

In a blog post, Wieder described the data as truly enormous, more than 5.5m e-mails. The dump was probably so enormous that 2-yrs weren't enough for accurately examining as well as cleansing the documents before they were wholly published during 2014 (from the year 2012 when WL received them). Techworm.net published this, July 19, 2015.

Further as per Wieder, plentiful malware got illegally included as PE/OLE files else VBScript macros. It was probable that more contaminated documents were hanging about inside WikiLeaks' dump of unfiltered folders. The Register reported this, July 17, 2015.

As an instance of the above, the February 2011 dated internal memo regarding Libya's conflict-torn regions of Tripolitania and Cyrenaica had an attached Word file, which indicated presence of malware when examined with VirusTotal, as there was one code-execution attack code inside it for the CVE-2010-3333 vulnerability in Mac and Windows (Microsoft Office).

Wieder has prepared one catalog of Stratfor electronic mails that carry the malware described.

He says he discovered eighteen active malware strains inside the e-mail dump, the majority of which had Word, Excel or PDF files implanted. One malware strain had been created for plucking user registration details from applications. These were addresses and names that were then sent over the Internet onto a remote system.

The Sysadmin further states he has been asking the whistle blowing WikiLeaks site for getting the database sanitized. According to him, no reputable news website would be expected to harbor malware-laced documents, therefore WikiLeaks that claims to be accountable, should not either.

» SPAMfighter News - 7/28/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page