Top

WikiLeaks just dumped CIA's Windows hacking tool online

Wikileaks released 27 documents revealing a set of software tools codenamed Grasshoper used to customise malware for Windows computers

Wikileaks has published yet another batch of exploits outlined in the US Central Intelligence Agency documents as part of its “Vault 7” leak, released on March 9.

On April 7, Wikileaks made a tranche of 27 documents public, demonstrating a set of software tools codenamed “Grasshoper” used to customise malware for Windows computers, reported Arstechnica.

According to reports, the CIA’s Advanced Engineering Division and Remote Development Branch modified the malware, while the Grasshopper setup allows the agency to customise its ability to target computers running on Windows operating system, reinstall itself and evade antivirus protection provided by Microsoft's Windows Defender, Symantec, and Kaspersky Lab.

Grasshopper provides tools that "perform a pre-installation survey of the target device, assuring that the payload will only [be] installed if the target has the right configuration." It also allows users to customize persistence mechanisms and antivirus evasion to the specific computer that's being targeted.

Additionally, Wikileaks also released a user manual called “Stolen Goods” that will help Grasshopper continue to exist even after victim’s machine is rebooted.

Next Story