Saturday April 08, 2017

WikiLeaks Drops the CIA’s Secret How-To for Infecting Windows

Yesterday saw the release of Vault7 documents that elaborate on "Grasshopper," a set of software tools used by the CIA to compromise Windows systems. Agents would use this package to build their own executables by determining the target environment and ticking off the appropriate variables. Some claim that Grasshopper is utterly redundant if the target is running Windows 10, however (I kid, I kid).

The technical manuals provide a behind-the-scenes look that, for the first time, reveals how the CIA goes about spying on targets that use computers running Microsoft's Windows operating system. Topics that are covered include ways to evade antivirus protection provided by Microsoft's Windows Defender, Symantec, and Kaspersky Lab. Also of interest is the CIA's borrowing of Carberp, a powerful piece of bank-fraud malware that once fetched as much as $40,000 in underground forums. Once the Carberp source code was leaked in 2013, security experts warned it was akin to "handing a bazooka to a child."