Stratfor, a US think tank dealing in security matters, was hacked by Jeremy Hammond in late 2011, who then passed its email archives to WikiLeaks in early 2012. Wikileaks made the dump public like it does with every other leaked document it receives. Wieder scrubbed through the five million odd emails dump only to find a malware hidden in many of the documents. According to Wieder, lot of the malware is smuggled in as VBScript macros, or OLE and PE files. It’s possible there are more infected files lurking in WikiLeaks’ databases of unfiltered data. One of the internal memo dated February 2011 about Cyrenaica and Tripolitania in the Stratfor leaks triggers malware alarms on VirusTotal because it includes a code-execution exploit for Microsoft Office on Windows and Mac (CVE-2010-3333). Wieder, who has blogged about his findings here and in more detail here, has made a list of Stratfor emails which contain such malware. The list can be found on the Paste here. Weider says that he tried to contact the Wikileaks admin but received no response despite his elaborate research regarding malware hidden in the dumps. Wieder finally says that the malware may not be just limited to the Stratfor dump on Wikileaks and curated content may also contain such kind of malwares.
