Connect with us

Cybersecurity

Malware Alert: Files on WikiLeaks Can Infect Your Computer

Published

on

warningAn independent data researcher had originally discovered a massive data dump released by WikiLeaks to contain malware in torrent files made available by the whistleblowing website. Since then, the researcher has also confirmed that some of the files taken from the dump and now hosted on WikiLeaks.org are also malware infected.

Josh Wieder, a system administrator by trade, garnered attention from multiple newspapers and outlets around the world in April 2015. With a keen eye and the chops for data research, he revealed the presence of malware in WikiLeaks’ “Global Intelligence Files”. These files are a significant collection of emails and attachments taken from Strategic Forecasting (aka Stratfor), a private intelligence firm. He made the revelation in a blog post at the time.

Stratfor was originally plundered by Jeremy Hammond in 2011, and Hammond is currently serving prison time for the hack of millions of emails from the company. Soon enough, the emails in their droves were in WikiLeaks’ firm grasp in 2012, and the whistleblowing website began sharing the email archives using P2P sharing network, BitTorrent. The complete email dump was revealed and published on July 18, 2014, with a single, massive file comprising of over 5 million emails.

As it turned out, attachments included among 5.5 million Stratfor emails were and still are, to this day, infected with malware.

“My discovery of the malware was completely unintentional. I have followed Wikileaks for many years; I first came across the website when they released the Guantanamo policy documents which would have been seven to eight years ago,” Wieder told Hacked, talking about his curiosity and admiration for the whistle-blowing website, adding, “Wikileaks has been time and again been responsible for groundbreaking, historical journalism and they continue to be responsible for important work.”

After downloading the torrent containing the “Global Intelligence Files”, Weider noticed an attachment trying to execute a macro.

Sure enough the macro was virus written in Visual Basic called Magistr. That is when I decided to review all of the files within the file dump.

Wieder speculates in his blog the reasons as to why the malicious malware came to exist in the first place.

  • One theory that he considers the most likely is that malicious files were being sent to employees of Stratfor via email.
  • Another theory resulting from Edward Snowden’s revelations could point fingers at organizations actively trying to sabotage and cause the downfall of WikiLeaks.

More importantly, Weider believes that WikiLeaks ‘can’ be used as a “deliberate distribution mechanism” rather than finding out ‘if’ that was indeed the case in this particular instance..

“Someone who wants to identify not just members of WikiLeaks, but their readers, this would absolutely be the way to do it,” confirmed Wieder. Furthermore, there stands a good chance that malware exists among the more well-known data dumps, like those of Sony Pictures and the recent Hacking Team breach, both of which are indexed and easily searchable.

Weider decided to make his findings public for two reasons:

  • Getting the word out to security researchers who can review the files.
  • Warning users, particularly journalists and activists, the two groups regularly targeted by state surveillance.

Expanding on both, Weider notes that the discovery of malware present in the WikiLeaks dump is despite his lack of resources and time as an independent researcher. More security researchers combing through droves of data available in massively publicized dumps could mean a good thing if additional chunks of malware are discovered and reported. Even more-so for the security and privacy of investigative journalists, activists and users accessing the data. Edward Snowden’s revelations highlighted frustrations of network surveillance with the increased used of encryption, the Tor network, VPNs and more such services among journalists as a precautionary measure. Malware, however, is a different threat and the education to protect oneself against malware rarely coincides with learning to use encryption. It is for these reasons and more that Weider went public with his discovery.

A comprehensive account of the Weider’s findings is detailed in his blog here & here with a follow-up after discovering the files hosted on WikiLeaks itself, here.

Malware Woes

Wieder initially noticed WikiLeaks distributing the leaked emails through a list of torrent files. Upon further research, he discovered most of the malware to be embedded within PDF and DOC files. What began as the sharing of torrent files soon transpired into publishing the same malicious content on the WikiLeaks website itself, this time as uncompressed individual files. To help steer clear of the files, Wider compiled a list of the malware-laden files, their locations on WikiLeaks along with basic file information in a Pastebin dump.

doomWhile 5.5 million emails seem painstakingly significant in number and time-consuming to go through, Weider discovered that such numbers were deceptive because a lot of it included flat text email scripts, with no attachments. Such text files aren’t dangerous to those rummaging through the files in the dump, as opposed to original email recipients receiving it via email. The threat of malware comes from the attachments, totaling 178,960 files in 179 folders, by Wieder’s count. Upon running some of the files through an antivirus scanner, he discovered the presence of MyDoom, a classic worm that is predominantly obsolete while barely posing a threat in today’s world of modern computers. Such findings raise concerns about the security measures taken by WikiLeaks before publishing any of the data being hosted on its website, or indeed – if the data is being scanned at all.

He confirms his repeated attempts to contact the popular whistle-blowing website to bring their attention to the presence of malware in files, have gone unanswered. Wieder believes, however, that WikiLeaks is indeed aware of the malware inherent in the files it hosts.  “I was informed that one of the reporters who interviewed me did, in fact, discuss the presence of malware with a Wikileaks representative. So I have every reason to believe they are aware of the issue,” he says.

Hacked has verified the documents present in the dump and specified by Wieder to be malicious.

Significantly, most of the malware’s vulnerable targets have already been patched by their respective developers. Users can breathe easy while treading cautiously if their software is up-to-date with regular security updates. Still, it’s always recommended that one rummaging through the many leaks and file dumps on WikiLeaks does so by opening any hosted files on a disposable virtual machine. The inherent vulnerability here is the belief that reputable, mainstream organizations are expected to host safe content.

“Ultimately, while users are responsible for their own safe browsing, Wikileaks is also responsible for the content they provide to their users,” stressed Weider.

Wikileaks is also responsible for the content they provide to their users. No one can offer their users a complete guarantee of safety, but that does not mean websites ought to take basic precautions to safeguard their files.

A website that circulates malicious software – and that furthermore does so knowingly and without warning their users – does not deserve the trust of its users.

At the time of writing this article, the malware still exists.

Images from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4 stars on average, based on 1 rated postsSamburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

2 Comments

2 Comments

  1. Max Lundgren

    August 31, 2015 at 3:21 pm

    I wonder why this self-styled icon of goodness and openness, honesty.

    Hide themselves on an embassy in the UK, for young people to answer questions about a rape during their stay in Sweden. It became a little too much of a good thing?

    There is hardly one can imagine that this Icon of Justice himself had stolen and hacked to him the information that he committed the great honor of.

    Day t to go home to Australia Mr. Julian rapist Assange.

    • Andrew

      September 8, 2015 at 7:48 pm

      Maybe you should try actually reading the article?

      No one is accusing Wikileaks of having put this malware there. There are two theories, and both relate to other actors embedding the malware.

You must be logged in to post a comment Login

Leave a Reply

Altcoins

EOS Price Forecast: EOS/USD Heading for Another 300% Move?

Published

on

  • EOS/USD price action via the 4-hour chart view has formed a bullish flag pattern.
  • The price is moving around levels seen back end of March to early April, before a bull run of over 300%.

The past six sessions for EOS/USD have been erratic to say the least. It has been subject to a high amount of volatility, swinging aggressively in both directions. There has been a lack of commitment from either the bear or bull camps of late. As the market continues to trade with such behavior, it appears to be trying to find its feet, ahead of a potential chunky firm trend.

EOS DApp Hacked Again

An EOS based gambling DApp, EOSBet has been hacked, with $338,000 being reported as stolen. This isn’t the first time; just back in September, hackers managed to get away with a reported 40,000 worth of EOS, which at the time had a value of $200,000. It has been said that they were able to exploit their smart contracts, having found security vulnerabilities.

Technical Review – 4-hour Chart View

EOS/USD 4-hour chart

EOS/USD price action has formed a bullish flag pattern, which began taking shape on 15th October, after the aggressive price behavior stabilized. The bulls at the time ran the price well up into $6 territory. Consequently, it then met the breached ascending trend line, failing to move back above this area. This followed the sharp breakthrough to the downside, which occurred on 11th October. As a result, a drop of over 15% was seen, forcing EOS/USD to retreat in a demand area, within the $5.0000 level proximity.

Looking to the upside, small near-term resistance is seen at around $5.6100, which is the upper trend line of the mentioned bull flag pattern. A breakout will likely open the doors to a retest of the broken ascending trend line, tracking around $6.1100. Support can be eyed at $5.4600, which marks the lower trend line of the flag. Furthermore, should this fail to hold, EOS/USD could likely fall back down to the serving demand area, within the lower $5.0000 territory.

April 2018 Bull Run

EOS/USD April bull run

In April of this year EOS/USD entered a chunky bull run, gaining over 300%. From the back end of March until 11th April, the price had been stuck within consolidation mode. Resulting in the price trading within a tight range, at levels of where the price is currently seen today.

Something quite astonishing started to unfold. Between the period of 11th April to the 29th April, a bull run of around 290% was seen. Over this time frame EOS/USD went from $5.9500 up to a high of around $23.0811. The price is currently demonstrating a similar behavior to that of what was seen during the mentioned period. It is interesting to note that the price did have historical levels to break through, as it had already run higher during the period of December 2017 and came back down. Finally, this is not to say EOS/USD will observe the same bull run. However, it is an interesting observation to be aware of.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 33 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Altcoins

“Mass Adoption is the Direction Things Are Taking” – Lionel Wolberger, CTO and Co-Founder of Platin

Published

on

Platin is a new blockchain token-based ecosystem which powers an infrastructure platform that incorporates a proprietary programming language (‘SolidityGEO’), all in the name of accomplishing a so-called decentralized ‘Proof of Location’ protocol.

We reached out to the team to find out more about how their solution works, the current state and future vision.

The result of this outreach was a warm reception from the company’s Chief Technical Officer (CTO) and Co-Founder Lionel Wolberger, with whom we discussed such topics as well as Platin’s: objectives, company ethos, and views on the current state of the crypto space.

Who is Behind Platin?

Lionel Wolberger’s experience with cryptocurrency and blockchain spans as far back as 2011, where he “spoke about it at Cisco Secure Video where our team of cryptographers included the inventor of Public Key Cryptography himself, Prof. Adi Shamir.”.

It wasn’t until two years later before Wolberger got the opportunity to professionally re-engage with crypto technology, when he participated in an experiment on behalf of the Internet Identity Workshop “and decided to study it more closely and see what it was all about.”

In 2017, Lionel Wolberger created Platin alongside co-founder Allon Mason when they “identified the potential for a secure and lightweight Proof of Location protocol on the blockchain.”. Wolberger met mason during academia at Cornell University, having

“always admired his drive and passion for the projects he has developed over the years, particularly XPLace an online marketplace with hundreds of thousands of users and multi-million dollar annual turnover.”

Wolberger also highlights the fact that the team is working alongside secure-location advisor Professor Srdjan Capkun (Director of the Zurich Information Security and Privacy Center, ZISC), which he calls a “privilege”.

“Dr. Capkun is an ideal advisor, as he sits on the major standards committees, and has an inside track to secure GPS and other important technologies associated with secure proof of location.”

What is Platin?

Whilst participating in the “’colored coin’ experiment’” for the Internet Identity Workshop, Wolberger had a fundamental epiphone with regards to his perception of blockchain and the purpose of cryptocurrency:

“it’s not about currency, but an asset tracking system of decentralized trust that could also provide the basis for so much more than just currencies.”

As such, Platin’s purpose is to provide a utility-token based platform which they (on their website) describe as a system for the “Geo-location of digital assets (cryptocurrencies, documents, images, etc.), anywhere on the map, anywhere in the world, in real time.”.

There are a wide range of uses for geo-locational software, from marketing to emergency broadcasting regarding critical events such as national disasters. Official use-cases include:

Lionel Wolberger lists, among the key values of Platin its hardware agnosticism as well as its interoperable nature.

“Interoperable refers to Platin’s protocol, that it is cleanly defined and independent, enabling it to work with many other products or systems, at present or in the future, in many possible implementations with few restrictions. This is achieved by having a clean interface (API, SDK) and is essential as Platin is needs to inter-operate with Android, Apple, many backend systems and blockchain assets.

“Hardware agnostic refers to one aspect of Platin’s Proof of Location protocol, its ability to work with any — all, i possible — geospatially relevant signal sources. This will certainly include GPS, cll towers and wifi, but will extend to BLE, LoRA, Ultrasound, indeed any signal that has relevance for a Proof of Location. This is achieved by having a clear definition of Proof of Location and how a device’s location relates to all this other data.”

Furthermore, the team is planning to implement cross-chain compatibility in the future, including Ethereum / EOS.

A Security Focus

Security is also a key concern and this is echoed in our interview as well as across the website for Platin. The company even mentions KYC / AML with its list of use-cases for the platform.

One way which the company seeks to achieve this is through the use of hardware cold-storage systems for the safe-keeping of all tokens, with their first wallet integration being TrustWallet. They also, according to Wolberger, are anticipating a future partnership with Ledger.

Lionel Wolberger claims that

“Platin has security and privacy baked-in from the start. Some features that reflect this approach include.

  • Platin’s architecture starts with individuals storing their own data, with blinded commitments shared to the network.
  • Platin’s functionality is “opt-in” based, reflecting a deep respect for our users as sovereign digital actors. You opt-in for the sharing of data, whatever you are comfortable with. The default is no sharing.
  • One of our Platin’s hires was a full-time cryptographer, and we are open sourcing our first zero knowledge cryptographic achievement: a ZK Range proof of bounded location. This shows our cryptographic and security passion.
  • Platin’s default pattern is “send the algorithm to the user,” rather than, “have the user send their data to the network.” Our Artificial Intelligence is privacy-preserving in this way.
  • Platin’s three pillars of security are orthogonal, working together to create a secure proof of location that would not be possible with any one of those pillars”

Geolocation and Geofencing

With use cases including retail shopping and other location-based rewards initiatives, Platin incorporates (and is responsible for the effective utilization of) specific technical and methodological processes pertaining to their geo-locational solution / protocol.

This scenario is made fully possible using a technology called ‘geo-fencing’ which is essentially, according to Wolberger, “An ability to restrict and define usage within the boundaries of their regulatory and legal jurisdiction.”

“imagine that a national supermarket chain airdrops coupon for 10% off certain items to celebrate the launch of their new store However, they do not want these coupons to be redeemable at other locations as they want to drive traffic to this new store.

“With a special smart contract, the coupon will only work within the geo-fenced area around the new store.”

Attempts at geo-location are most effective with both the consent and honest participation of both direct and third-party sourced users. Considering tech scandals surrounding personal and public data privacy & security, it has become increasingly difficult to encourage people to confide their personal data sincerely.

This is where rewards-based systems such as Platin come in.

Humanitarian Aid (A Use Case)

Another key use case cited, which Wolberger doubles down on in our discussion is that of charitable coin drops…

“We think it is incredibly important to focus on use cases such as humanitarian aid airdrops.

“While our technology has broad commercial uses, our team is passionate about seeing the project bring new ways to enable ordinary people use cryptocurrency, and an ideal win/win use case is the ability to transfer crypto to people who need assistance.

“Blockchain and cryptocurrency can often seem intimidating to people, but mass adoption is the direction things are taking. Platin wants to ensure that everyone can access and utilize this technology to utilize decentralized funds in a beneficial and potentially life-saving way.”

These partnerships include IsraAID (with whom theys already signed an agreement) in addition to the Swiss Red Cross (with whom they are currently in discussions), where Platin plans to further develop and test their systems and processes with regards to how they will integrate geo-location focused / geo-fenced cryptocurrency airdrops.

Another, tangentially related use-case is:

“the Tokyo Olympics airdrops… we are currently discussing the opportunity with our Tokyo-based partners.

“The Olympics has traditionally seen technological innovation, such as instant replay, virtual video graphics and most recently 5G deployments. This is the year of blockchain, and we look forward to announcing details once we are permitted.”

Final Words

All these features, aims and objectives are tied together by the fact that they are all built upon not only a proprietary – but also a home-grown programming language which third parties can leverage for their own projects when working on the Platin blockchain.

“SolidityGEO extends Ethereum’s Solidity language, GEOS extends EOS’s C++ language. These will equip our partners for fast onboarding into location proofs on the blockchain.”

SolidityGEO is what Platin calls a “location-aware language” created to help the utilisation and implementation of geographic demarcation for token distribution, rewards and airdrops. It will additionally include ZK-Snarks and Starks zero-knowledge proof mechanisms as well as general operating standards such as ISO and W3C.

Finally, with regards to the future:

“Proximity radio technology is being deployed steadily, without any loud publicity. 5G, RTT-enabled Wi-Fi, and IEEE secure proximity radio standards promise highly accurate distance readings via radio. The average person feels this progress in the slow spread of keyless entry–just having a key, fob or smartphone in your pocket to unlock a desired resource such as your car or home. Platin has partners in this space and there are sure to be exciting announcements in the next six months (though they will be quite technical, they will promise rapid progress).”

Featured image courtesy of Shutterstock. 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 12 rated posts




Feedback or Requests?

Continue Reading

Altcoins

Monero Price Analysis: XMR/USD Slips Below Crucial Daily Support Ahead of System Update

Published

on

  • Monero’s navitve token XMR is forced to breach a key area of support by the market bears.
  • XMR/USD was being support by an ascending trend line, running from 14th August.
  • The Monero foundation is scheduled for a routine network upgrade.

Monero Network Update

The Monero foundation is scheduled to update its network on 18th October, as a result this will be bringing a new hard fork to its token. They have been making it a routine process now, hard forking every six months. Their focus being on the likes of increased ring-size for more privacy, with large transactions and tweaking their proof of work algorithm.

In terms of this upgrade, the goal is to enhance efficiency and make some adjustments to the current proof of work algorithm. Ultimately, to make it resistant and curb the threat of ASIC mining. Developers at Monero will be implementing the new Bulletproofs protocol. This will see greater privacy, lower fees and faster verification. It will reduce transaction size by an estimated 80%.

Technical Review – Daily Chart

XMR/USD daily chart

XMR/USD slipped out to the downside from an ascending trend line. As a result, the market bears managed to push for a breach and daily close below on 7th October. The support had been running since 14th August, where the price hit a low of $76.739.  A retest has been seen and pressure is now gradually mounting on Monero’s XMR. In terms of support, the 50DMA has provided some initial comfort for now. Furthermore, the next major downside support is observed in a chunky demand area. This is seen tracking from $86 down to $76. Resistance will now be eyed at $116.550 area, underneath the breached ascending trend line. In proximity to the 100DMA, which may cause some difficulty for the bulls. Elsewhere, further to the north, resistance can be seen within the $125.000 territory. Finally, heavy supply is tracking from $140 up to $150.

Technical Review – 4-hour Chart

XMR/USD 4-hour chart

Despite the above-mentioned daily breakout from the supporting trend line, there is still some hope for XMR/USD in the near-term, because from looking at the 4-hour chart view, the price has been moving within a range-bound block. This narrowing area has been running since 26th September. Fortunately for the price, a fresh wave of selling pressure has been prevented for now.  The lower part of the mentioned range has proven to see some near-term support. Therefore, the protection has been observed from around $112 to the high $111 territory. Although, a breach of this area could see a fast fall back down to sub $100, last traded below here on 12th September. While further downside pressure could force a retreat back down to a firm demand zone. Eyes would be on $86-77 range for buying.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 3.50 out of 52 votes, average: 3.50 out of 52 votes, average: 3.50 out of 52 votes, average: 3.50 out of 52 votes, average: 3.50 out of 5 (2 votes, average: 3.50 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 33 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending