[EthanHeilman]

MD5 is both vulnerable to collision attacks and targeted collision attacks. We can imagine both in the wikileaks case. You are correct that Target collision attacks are more difficult but they have been done in research for many years now[0](2006) and they are showing up in the wild as well[1](2012).

[0]: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.140....

[1]: http://blogs.technet.com/b/srd/archive/2012/06/06/more-infor...

[sp332]

Those are both chosen-prefix attacks. They're impressive, but not relevant to this case where one file is completely out of the attacker's control.