WikiLeaks posts multitude of malware in AKP email dump




A recent cache of files and contact information posted by WikiLeaks, supposedly intended to oust officials representing Turkey’s ruling Justice and Development Party, or AKP, is full of harmful malware, according to anti-virus expert Dr. Vesselin Bontchev.

Some of the leaked email conversations published by WikiLeaks, which are still up on the site, contain malware-ridden hyperlinks, attachments and other downloads. The email addresses listed by WikiLeaks that previously received the malware could have been the broad target of a spam campaign or a more specific data extraction operation, Bontchev writes.

Anyone currently searching through the WikiLeaks database can accidentally download harmful malware by, for example, clicking on an infected link in the fresh dump, Bontchev says.

Most of the malware tied to WikiLeaks’ second alleged AKP dump and subsequently discovered by Bontchev is of the “run-of-the-mill” variety, consisting largely of basic spam, scam and phishing attacks that entice victims to click on links or to download corrupted computer files.

Image via Bontchev GitHub post -- a partial list of found, active malware existing in the downloadable files

News of the organization’s malware-laced AKP email dump follows criticism from other news outlets — including, among others, the New York Magazine, Gizmodo and Huffington Post — that suggests recent leaks were not solely focused on information owned by Turkey’s ruling political party. Rather, it appears that a portion of the so-called leaked government information reportedly belongs to Turkish citizens unaffiliated with the government — these files hold detailed personal information which, under certain conditions, can be used to commit fraud.

Over the past month, the AKP has come under increased scrutiny due to the arrests of journalists and civil society leaders for what the regime deems participation in a failed coup attempt. WikiLeaks’ latest file dump came in response to what it describes as improper behavior by the sitting regime.

“The material was obtained a week before the attempted coup. However, WikiLeaks has moved forward its publication schedule in response to the government’s post-coup purges,” WikiLeaks’ website reads.

WikiLeaks did not respond to Cyberscoop’s request for comment.