WikiLeaks releases Vault7 info on CIA's 'Grasshopper' custom hacking toolkit

WikiLeaks has stirred up some serious controversy and concern with its various Vault7 leaks, which have uncovered numerous CIA hacking projects. The organization isn’t done yet, apparently, as it continues to release information on methods used by the U.S. intelligence agency to break into target computer systems.

The most recent release involves what’s called “Grasshopper,” specifically a collection of software tools used by the CIA to attack Microsoft’s Windows platform. The tools are essentially building blocks that CIA agents can use to snap together custom attacks, as Ars Technica reports.

The WikiLeaks Grasshopper release includes a set of user guides that are not unlike those issued by commercial software developers. While not the tools themselves, the documents provide a solid overview of how the tools function and what potential targets might want to look for in determining if their own systems have been subject to CIA attack.

As one document describes:

“Grasshopper is a software tool used to build custom installers for target computers running the Microsoft Windows operating system. An operator uses the Grasshopper builder to construct a custom installation executable.

The operator configures an installation executable to install one or more payloads using a variety of techniques. Each payload installer is built from individually configured components that implement part of the installation procedure.

The operator may designate that installation is contingent on the evaluation of the target environment. Target conditions are described using a custom rule language. The operator may configure the tool to output a log file during execution for later exfiltration.”

Grasshopper includes a variety of tools and techniques for a wide range of hacking functions, including methods for evading antivirus software. The WikiLeaks release also highlights a few of the organizations that use tools like Grasshopper, such as the Advanced Engineering Division (AED) that develops the CIA’s implant code and the Remote Development Branch (RDB) that develops remote implants.

What’s perhaps most fascinating about Grasshopper is its apparent focus on being easy to use. The tools do a lot of the work for agents, such as evaluating systems to make sure the target system has the right configuration for the chosen attack.

It’s likely that WikiLeaks will continue to release this kind of information. Whether or not it makes hackers’ jobs easier by giving them hints as to what kinds of tools are most effective remains an open question. But there’s no doubt that the most recent information makes the CIA’s job more difficult, in part because it holds the agency up to some ridicule for allowing the information to leak in the first place.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…