
WikiLeaks Releases CIA Documents on Grasshopper Framework for Building Customized Malware Payloads

WikiLeaks on Friday released a new set of leaks — Vault 7 "Grasshopper" — containing 27 documents from the CIA's Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems.

WikiLeaks, April 7: "Grasshopper is provided with a variety of modules that can be used by a CIA operator as blocks to construct a customized implant that will behave differently, for example maintaining persistence on the computer differently, depending on what particular features or capabilities are selected in the process of building the bundle. Additionally, Grasshopper provides a very flexible language to define rules that are used to 'perform a pre-installation survey of the target device, assuring that the payload will only [be] installed if the target has the right configuration'. Through this grammar CIA operators are able to build from very simple to very complex logic used to determine, for example, if the target device is running a specific version of Microsoft Windows, or if a particular Antivirus product is running or not."
