WikiLeaks on Friday published additional 27 documents, part of a Vault 7, a larger series of releases of CIA classified documents, with the latest batch focused on the Grasshoper platform for building malware, the whistleblowing organization said in a press release.
“Today, April 7th 2017, WikiLeaks releases Vault 7 “Grasshopper” — 27 documents from the CIA’s Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems,” the Wikileaks press release read.
According to the whistleblower site, Grasshopper may be used by CIA to determine whether the operating system is being protected by a certain anti-virus or what version of Windows it is operating on.
“Grasshopper is provided with a variety of modules that can be used by a CIA operator as blocks to construct a customized implant that will behave differently, for example maintaining persistence on the computer differently, depending on what particular features or capabilities are selected in the process of building the bundle. Additionally, Grasshopper provides a very flexible language to define rules that are used to ‘perform a pre-installation survey of the target device, assuring that the payload will only [be] installed if the target has the right configuration’.”
The program allows to create tools that go undetected by major anti-viruses.
The Wikileaks added that the Grasshopper batch sheds lights on “the process of building modern espionage tools and insights into how the CIA maintains persistence over infected Microsoft Windows computers, providing directions for those seeking to defend their systems to identify any existing compromise.”
On March 7, WikiLeaks released the first part of what it called an unprecedentedly large archive of CIA-related classified documents. According to the website, a large archive comprising various viruses, malware, software vulnerability hacks and relevant documentation, was uncovered by US government hackers, which is how WikiLeaks gained access to some of the data from the trove.
The “Year Zero” batch was followed by the “Dark Matter” released on Match 23. The third batch called “Marble” was released on March 31.
The White House has condemned the leaks, stressing that those responsible for leaking classified information should be held accountable in accordance with the law.