Bad News--Wikileaks-posts-weaponized-malware-for-all-to-download

Discussion in 'other security issues & news' started by hawki, Dec 18, 2014.

Thread Status:
Not open for further replies.
  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    According to David Gewirtz, a security writer for zdnet.com: "WikiLeaks has released a... dangerous spyware program ............."

    Gerwitz claims that the malware had been sold by it's creator to "the police forces of the Netherlands and New South Wales, and the intelligence arms of the Hungarian, Qatari, Italian, and Bosnian governments........"

    Gerwitz, while refraining from giving the actual download link, claims that "WikiLeaks actually posted the zip files containing the malware on their site, for anyone to download...."

    Gerwitz categorizes this act by Wikileaks, if true as reported by him, as "an astonishingly irresponsible and very dangerous turn."

    http://www.zdnet.com/article/wikileaks-posts-weaponized-malware-for-all-to-download/#ftag=RSSbaffb68

    After stating how irresposible and dangerous this act by Wikileaks is, and that the malware is weaponized, Gerwitz states the the zip files are password protected, yet in his article he shares with his readers what he says Wikileaks gives as the password . WTF?
     
    Last edited: Dec 18, 2014
  2. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    I just downloaded it, and then scanned two of the exe files at VirusTotal. Before I extracted the files, my archiver HaoZip detected the files as malware. At VirusTotal, both files were initially scanned there four years ago. Currently almost all malware scanners at VT detect the files - 45 out of 53 for one file and 47 out of 55 for the second file.

    Considering the high detection rate, I don't think the release of malware by Wikileaks is too much of an issue. It would be different if it was new malware that was not detected, or if the source code was included.
     
  3. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    In September, another zdnet.com writer stated that:

    "In August, the makers of FinFisher suffered a hack that resulting in a file circulated via BitTorrent that reportedly contained client lists, price lists, source code, details about the effectiveness of Finfisher malware, user and support documentation, and a list of classes/tutorials."

    "http://www.zdnet.com/article/wikileaks-names-nsw-police-as-finfisher-malware-customer/

    Or is Gerwitz's piece just journalistic sensationalism, not journalism ?
     
    Last edited: Dec 18, 2014
  4. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    OoPs- Sorry. May be old news. Written in September. My security news aggregator just picked it up as being published tonight. Maybe they waited to publish it until the security companies were able to provide protection against it.
     
  5. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Mixed feelings. I feel the public should have access to it to see what's up, cause of points mentioned here https://www.schneier.com/blog/archives/2014/12/corporate_abuse.html More eyes on this sort of thing, the better.

    Whatever sample is in there is obviously flagged to death by everything anyway as roger_m mentions. And to actually go and use it for evil, well, they'd still need a method of getting it onto the victims machine, via exploit or spam. It's a drop in the bucket of the thousands upon thousands of stuff out there.
     
  6. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,968
    Location:
    U.S.A.
    Already Posted. Please Search First. Thanks!
     
Loading...
Thread Status:
Not open for further replies.