WikiLeaks on Friday released a Vault 7 document dump containing 27 documents from the CIA’s Grasshopper network, a platform used to build malware payloads aimed at attacking Windows operating system devices.
“Grasshopper is provided with a variety of modules that can be used by a CIA operator as blocks to construct a customized implant that will behave differently, for example maintaining persistence on the computer differently, depending on what particular features or capabilities are selected in the process of building the bundle. Additionally, Grasshopper provides a very flexible language to define rules that are used to ‘perform a pre-installation survey of the target device, assuring that the payload will only [be] installed if the target has the right configuration,’” the whistleblower organization stated in a press release.
According to WikiLeaks, Grasshopper might be used by the CIA to determine whether a PC has antivirus protection and which Windows OS it is running. The malware is designed to escape detection by major antivirus software.
“The requirement list of the Automated Implant Branch (AIB) for Grasshopper puts special attention on PSP avoidance, so that any Personal Security Products like ‘MS Security Essentials’, ‘Rising’, ‘Symantec Endpoint’ or ‘Kaspersky IS’ on target machines do not detect Grasshopper elements,” the press release further added.
The new revelation adds to previous ones and sheds light on how law-enforcement agencies use illegal tools to hack into private machines and access customer data.
The first part of the Vault 7 document dump was released on March 7 and exposed a large archive of classified CIA documents detailing how the agency hacked into Android and iOS devices. The White House condemned the leaks at the time, stressing the importance of holding people responsible for leaking classified documents.