It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
WikiLeaks just dropped another CIA tool called Grasshopper
page: 115
share:
Searching for something to take my mind off the Syria attack and found this from the Vault series. Unfortunately it doesn't make me feel better,
just shows one more way agencies can make things up and lie
twitter
I am not tech oriented so those who are can figure it out
I am not tech oriented so those who are can figure it out
a reply to: liveandlearn
Saw that earlier but it went under the radar with today's actuality.
Saw that earlier but it went under the radar with today's actuality.
Grasshopper
7 April, 2017
Today, April 7th 2017, WikiLeaks releases Vault 7 "Grasshopper" -- 27 documents from the CIA's Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems.
Grasshopper is provided with a variety of modules that can be used by a CIA operator as blocks to construct a customized implant that will behave differently, for example maintaining persistence on the computer differently, depending on what particular features or capabilities are selected in the process of building the bundle. Additionally, Grasshopper provides a very flexible language to define rules that are used to "perform a pre-installation survey of the target device, assuring that the payload will only [be] installed if the target has the right configuration". Through this grammar CIA operators are able to build from very simple to very complex logic used to determine, for example, if the target device is running a specific version of Microsoft Windows, or if a particular Antivirus product is running or not.
Grasshopper allows tools to be installed using a variety of persistence mechanisms and modified using a variety of extensions (like encryption). The requirement list of the Automated Implant Branch (AIB) for Grasshopper puts special attention on PSP avoidance, so that any Personal Security Products like 'MS Security Essentials', 'Rising', 'Symantec Endpoint' or 'Kaspersky IS' on target machines do not detect Grasshopper elements.
One of the persistence mechanisms used by the CIA here is 'Stolen Goods' - whose "components were taken from malware known as Carberp, a suspected Russian organized crime rootkit." confirming the recycling of malware found on the Internet by the CIA. "The source of Carberp was published online, and has allowed AED/RDB to easily steal components as needed from the malware.". While the CIA claims that "[most] of Carberp was not used in Stolen Goods" they do acknowledge that "[the] persistence method, and parts of the installer, were taken and modified to fit our needs", providing a further example of reuse of portions of publicly available malware by the CIA, as observed in their analysis of leaked material from the italian company "HackingTeam".
The documents WikiLeaks publishes today provide an insights into the process of building modern espionage tools and insights into how the CIA maintains persistence over infected Microsoft Windows computers, providing directions for those seeking to defend their systems to identify any existing compromise
I'm not tech savvy in the least, I'm from a previous generation that did not grow up with computers. When I was a kid, a transistor radio and later,
a calculator from Texas Instruments was as technical as it got.
However, after having to purchase constant protection for my computer, and the literally tens of thousands of updates every month from Windows, I switchted to Linux. I love it. No more being forceably hooked up to Microsoft and being a prisoner to their update whims and constant 'patches' on their swiss-cheese program full of holes.
I've used it for 4 years now and highly recommend the change, for those who don't want to keep buying malware protection every year, and feel a bit of resentment towards Mr. Gates, who is in collusion with the government and left open more back doors for their spying than unattended kids at a daycare.
However, after having to purchase constant protection for my computer, and the literally tens of thousands of updates every month from Windows, I switchted to Linux. I love it. No more being forceably hooked up to Microsoft and being a prisoner to their update whims and constant 'patches' on their swiss-cheese program full of holes.
I've used it for 4 years now and highly recommend the change, for those who don't want to keep buying malware protection every year, and feel a bit of resentment towards Mr. Gates, who is in collusion with the government and left open more back doors for their spying than unattended kids at a daycare.
It looks like a simple method of hiding data transfer, just enough encryption by the use of XOR to not trigger the firewall / security system as it
doesn't require much work but now its known the companies will patch their software to sort out the risk.
Modular viruses, most normally work on things like checksum or other ways but the problem is a lot of normal code can look like a virus so theres always a trade off as you get the 'my AV bricked my system' reports and even code heuristics doesn't always help.
By the time the CIA are interested in you lets just say you are a spear fishing target and as such will be a high value target so Dave in the garage won't be a target.
Modular viruses, most normally work on things like checksum or other ways but the problem is a lot of normal code can look like a virus so theres always a trade off as you get the 'my AV bricked my system' reports and even code heuristics doesn't always help.
By the time the CIA are interested in you lets just say you are a spear fishing target and as such will be a high value target so Dave in the garage won't be a target.
a reply to: FissionSurplus
Well, I was around when my grandparents got an early TV, about 1949-50. Caught on relatively fast to my first computer and became the go to person in the family. Didn't keep up a couple of years and lost it.
So did you have someone install Linux and how well does it work with other programs?
Well, I was around when my grandparents got an early TV, about 1949-50. Caught on relatively fast to my first computer and became the go to person in the family. Didn't keep up a couple of years and lost it.
So did you have someone install Linux and how well does it work with other programs?
a reply to: FissionSurplus
Lost power during a Windows 10 update if you interfere with an update your computer will be scrambled you have to reset it to its original settings,you loose the lot if they cant have it you cant either.
Lost power during a Windows 10 update if you interfere with an update your computer will be scrambled you have to reset it to its original settings,you loose the lot if they cant have it you cant either.
a reply to: liveandlearn
Most linux distros a easy to install.
Don't plan on running typical off the shelf software that runs on Windows unless you're tech saavy enough to operate a Virtual Machine under Wine emulator.
There's a plethora of Linux apps, I haven't found a need for ANY MS-based software (except TurboTax).
ganjoa
Most linux distros a easy to install.
Don't plan on running typical off the shelf software that runs on Windows unless you're tech saavy enough to operate a Virtual Machine under Wine emulator.
There's a plethora of Linux apps, I haven't found a need for ANY MS-based software (except TurboTax).
ganjoa
originally posted by: khnum
a reply to: FissionSurplus
Lost power during a Windows 10 update if you interfere with an update your computer will be scrambled you have to reset it to its original settings,you loose the lot if they cant have it you cant either.
Even if you don't interrupt a Windows 10 update, it will still frazzle your computer. Had that happen to me last night. Was about to update my online shopping delivery for today, when Windows decided it was going to do some updates. I only had an hour to make the deadline for the order, but oh no, Windows just has to do an update right there an then. Waited an hour, then it restarted twice. Once finished, my network connections were scrambled. At least I was able to go back to an earlier version. Fortunately, it's a dual boot system with Linux on the other partition.
There are just too many squirrelly places on a PC where malware can be stashed; the UEFI, which are little blocks of software than can be loaded on the motherboard memory chips of your PC and have access to all resources such as memory and Internet connections. Then there is the OS and device drivers, the web browsers and plugins, not forgetting the ability to Chromecast and Miracast your screen to other devices. I'm still trying to investigate that one.
new topics
-
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 1 hours ago -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 2 hours ago -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 3 hours ago -
The functionality of boldening and italics is clunky and no post char limit warning?
ATS Freshman's Forum: 4 hours ago -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 4 hours ago -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 5 hours ago -
Weinstein's conviction overturned
Mainstream News: 6 hours ago -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 7 hours ago -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 8 hours ago -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 8 hours ago
top topics
-
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 8 hours ago, 9 flags -
Weinstein's conviction overturned
Mainstream News: 6 hours ago, 7 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 7 hours ago, 6 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 10 hours ago, 6 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 5 hours ago, 4 flags -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 4 hours ago, 4 flags -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 8 hours ago, 2 flags -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area: 12 hours ago, 2 flags -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 3 hours ago, 2 flags -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 2 hours ago, 1 flags
active topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News • 55 • : CarlLaFong -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest • 23 • : Ravenwatcher -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News • 8 • : chr0naut -
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 680 • : 777Vader -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics • 73 • : xuenchen -
Is there a hole at the North Pole?
ATS Skunk Works • 40 • : Oldcarpy2 -
Fossils in Greece Suggest Human Ancestors Evolved in Europe, Not Africa
Origins and Creationism • 89 • : whereislogic -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 197 • : NorthOS -
Candidate TRUMP Now Has Crazy Judge JUAN MERCHAN After Him - The Stormy Daniels Hush-Money Case.
Political Conspiracies • 790 • : Oldcarpy2 -
Weinstein's conviction overturned
Mainstream News • 20 • : Xtrozero
15