VirusTotal Data Leak

by Alberto Matus

A super small size file of only 313 Kilobytes made public exposes 5,600 names that include personnel from NSA and German Intelligent services. This all took place on the VirusTotal platform. VirusTotal is a popular platform used to perform online analysis of suspicious files used heavily by IT security experts. In essence, it is a data-rich platform that contains databases of malicious software whereby users can upload individual files or links which are then compared to see if they are indeed malware. It is sort of a digital library of malicious code that can be used to fight cyber-attacks.

Yesterday, Der Standard and Der Spiegel alerted everyone about the data leak. As mentioned this leak contained data of high-profile individuals in US and German intelligent services. In addition, the following can be summarized as a list of others:

  • The US Cyber Command (the US military’s hacking unit), the US Department of Justice, the FBI, and the US intelligence agency NSA
  • Official bodies from the Netherlands, Taiwan, and Great Britain
  • Many German organizations including the Federal Police, the Federal Criminal Police Office, the Military Counterintelligence Service (MAD), and the Federal Office for Telecommunications Statistics.
  • Big German companies (Deutsche Bahn, Bundesbank, Allianz, BMW, Mercedes-Benz, Deutsche Telekom)

While only names and email addresses have been leaked, it’s still enough for a spear-phishing campaign to be conducted.

When asked for comment, a Google Spokesperson responded – “We are aware of the unintentional distribution of a small segment of customer group administrator emails and organization names by one of our employees on the VirusTotal platform. We removed the list from the platform within an hour of its posting and are looking at our internal processes and technical controls to improve our operations in the future”

It’s important to realize the gravity of email addresses and names of individuals in a data leak such as this, especially one that deals with the head of security for various intelligence services.

You may also like

Leave a Comment

Update Required Flash plugin