
WikiLeaks releases Vault 7 “Grasshopper” - ramblenode
https://wikileaks.org/vault7/#Grasshopper
======
M_Grey
Modular malware... that's nasty and efficient.

This is also interesting, and must make forensic attempts to determine origin
of a hack even harder:

>One of the persistence mechanisms used by the CIA here is 'Stolen Goods' -
whose "components were taken from malware known as Carberp, a suspected
Russian organized crime rootkit." confirming the recycling of malware found on
the Internet by the CIA. "The source of Carberp was published online, and has
allowed AED/RDB to easily steal components as needed from the malware.". While
the CIA claims that "[most] of Carberp was not used in Stolen Goods" they do
acknowledge that "[the] persistence method, and parts of the installer, were
taken and modified to fit our needs", providing a further example of reuse of
portions of publicly available malware by the CIA, as observed in their
analysis of leaked material from the Italian company "HackingTeam".

