Grasshopper Windows Hacking Frame – CIA Hacks Everyone


Apr 8 2017


Do we need any more reasons not to trust the government, especially the CIA? Well, thanks to WikiLeaks we now have one more reason not to, and it is called “Grasshopper.”

According to the leaked information, the Grasshopper framework allows agency members to easily create custom malware. The framework automatically puts together the components sufficient for attacking a Windows machine, and once the target is selected it builds an installer that CIA agency members can use to install custom malware on the target computer.

“The documents WikiLeaks publishes today provide insights into the process of building modern espionage tools and insights into how the CIA maintains persistence over infected Microsoft Windows computers, providing directions for those seeking to defend their systems to identify any existing compromise,” WikiLeaks said.

Grasshopper allows tools to be installed and run on a machine without detection using PSP avoidance, which lets it evade Personal Security Products such as ‘MS Security Essentials,’ ‘Rising,’ ‘Symantec Endpoint’ or ‘Kaspersky IS.’

“A Grasshopper executable contains one or more installers. An installer is a stack of one or more installer components,” reads the manual. “Grasshopper invokes each component of the stack in series to operate on a payload. The ultimate purpose of an installer is to persist a payload.”

CIA’s Grasshopper Uses ‘Stolen’ Russian Malware

The mechanisms of the Stolen Goods (Version 2) component were taken from malware known as Carberp, “a suspected Russian organized crime rootkit,” alleges WikiLeaks, which means they can make it look like the Russians hacked something they actually did not.

The goal of this release is to help users seeking to defend their systems against any existing compromise, WikiLeaks stated. While I am sure it will not be easy to defend against this, with the knowledge that is out there steps can be taken to secure ourselves from it.

We do not know how the CIA has used the Grasshopper framework, but according to WikiLeaks the tools were used some time between 2012 and 2015.

Other documents WikiLeaks has released are the “Year Zero” batch, which uncovered CIA hacking exploits for popular hardware and software, the “Dark Matter” batch, which focused on exploits and hacking techniques the agency designed to target iPhones and Macs, and the third batch, called “Marble.”

