A rapidly growing trend during the U.S. political season is that treasure troves of leaked documents now await the masses on the Internet, including on sites like WikiLeaks and "Guccifer 2.0’s" latest WordPress blog.
The appeal of these sites is that they usually contain and expose previously private and confidential documents, PDF files and email communications. These might be from countries, political parties and a number of other influencers.
Malware can easily lurk within such file dumps since it can be embedded in attachment files like PDFs.
We have shared before how even famous news sites can have dangerous ad domains working in the background, delivering code to your device. But this type of site is different. It is independent of ad networks and doesn’t necessarily mean to do harm, yet it still contains the hidden danger of malicious code.
Menlo Security analyzed the WikiLeaks site and found no surface problems with either the web site or the web server software, which are the first considerations for ensuring user security. Nor are there underlying server domains present that could serve up harmful code in the shadows.
However, security expert Vesselin Bontchev still found as many as 80 malware vulnerabilities in the content files associated with an exposure of the Turkish government. These included PDFs and attachments that users readily chose to download and read.
Consumers and employees alike need to know that any time they download files, such as PDFs or DOCs, the file payload may contain malware without their knowing it. This harmful code can infect a device or PC, and later expose personal data to cyber theft and ransomware ploys. To completely protect your employees from any web site serving up malware through documents and files, consider Isolation as part of your security strategy.