PDA

View Full Version : Wikileaks reveals Grasshopper, the CIA's tool for infecting Microsoft Windows computers



Aragorn
8th April 2017, 02:00
Yes, the CIA — like every autocratic alphabet soup agency out there — are a bunch of psychopathic b*st*rds. But truth be told, had Microsoft developed Windows as a sensible operating system from the ground up instead of as a legacy design ported over from MS-DOS and crudely bolted on top of an illegally copied (and basically incompatible) VMS kernel, then it wouldn't have been so easy to exploit.

Let's face it: no other software company and no other operating system have ever done so much for the proliferation of malware in the history of information technology as Microsoft and their Windows platform. If it weren't for them, then there wouldn't even have been any anti-malware industry — and a very lucrative industry it is, for that matter.

Luckily however, this is not a problem I myself have to deal with. That is not to say that no other operating systems contain vulnerabilities, but those are usually just coding errors, rather than actual design flaws, and thanks to the Free & Open Source Software community, those vulnerabilities are commonly patched within one or two days after they've been discovered.

You know, there's a reason as to why Microsoft needs to have bundle sales deals with desktop computer vendors so that the machines come pre-installed with Microsoft Windows. If you look at Microsoft's market share in the server rooms, on supercomputers and even on mobile devices, then that says it all: almost nobody will voluntarily buy into Windows, because the true specialists know that it's crap.


:fpalm:






http://3.bp.blogspot.com/-ZJ4OXkKmoNk/UGZ2XTY3NDI/AAAAAAAABBc/rS42Qeu5sEw/s1600/Central+Intelligence+Agency+%5BCIA%5D+%5BEMBLEM+Lo go%5D%5B1.5%5D.png
http://www.factfiend.com/wp-content/uploads/2014/10/windows-logo.png




Source: The Next Web (https://thenextweb.com/security/2017/04/07/wikileaks-reveals-grasshopper-cias-windows-hacking-tool/#.tnw_grlewAi0)



In case you haven’t had your dose of paranoia fuel today, WikiLeaks released new information concerning a CIA malware program called “Grasshopper”, that specifically targets Windows (https://thenextweb.com/topic/windows/).

The Grasshopper framework was (is?) allegedly used by the CIA to make custom malware payloads. According to the user guide (https://wikileaks.org/vault7/document/Grasshopper-v2_0_2-UserGuide/):



"Grasshopper is a software tool used to build custom installers for target computers running Microsoft Windows operating systems."


Grasshopper is designed to detect the OS and protection on any Windows computer on which it’s deployed, and it can escape detection by anti-malware software. If that was enough for you to put your computer in stasis, brace yourself for a doozy: Grasshopper reinstalls itself every 22 hours, even if you have Windows Update disabled.



https://pbs.twimg.com/media/C8z0zOAV0AA2rGb.jpg

As if this wasn’t alarming enough, the Grasshopper user guide even states upfront that Grasshopper uses bits from a toolkit taken from Russian organized crime.

I’d give some advice on how to duck any potential Grasshoppers, but I’m honestly at a loss. And considering I’m writing this from a Windows computer, I guess all I can say is, “Good luck.”


Read more: Grasshopper on Wikileaks (https://wikileaks.org/vault7/#Grasshopper)


Source: The Next Web (https://thenextweb.com/security/2017/04/07/wikileaks-reveals-grasshopper-cias-windows-hacking-tool/#.tnw_grlewAi0)

Gale Frierson
8th April 2017, 21:17
Sort of a "Can't win for losing" scenario, eh wot?