Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
WikiLeaks Vault 7: CIA can hack D-Link, Belkin and Linksys routers
#1
https://betanews.com/2017/06/16/wikileak...ryblossom/    WikiLeaks Vault 7: CherryBlossom files show CIA can hack D-Link, Belkin and Linksys routers into listening devices

By Mark WilsonPublished 1 day ago   Wikileaks has released a batch of documents from the middle of 2012 revealing details of the CIA's CherryBlossom project. A joint venture with the Stanford Research Institute, the CherryBlossom files show how the agency can take remote control of routers and other networking devices from numerous manufacturers, transforming them into listening devices.

CherryBlossom also enables the CIA to interfere with both incoming and outgoing traffic. Passwords present little obstacle in many cases and the fact that remote infection is possible makes the implant very simple to install. The documents reveal how the CIA can home in on a target using information such as MAC address, email address, or even chat handles.

By manipulating incoming and outgoing traffic, the CIA could exploit known vulnerabilities on a target's machine to gain further control and gain access to even more information. As well as home-level routers, the documentation includes details of how to target public hotspots and hardware used in larger businesses.

WikiLeaks explains:

The wireless device itself is compromised by implanting a customized CherryBlossom firmware on it; some devices allow upgrading their firmware over a wireless link, so no physical access to the device is necessary for a successful infection. Once the new firmware on the device is flashed, the router or access point will become a so-called FlyTrap. A FlyTrap will beacon over the Internet to a Command & Control server referred to as the CherryTree. The beaconed information contains device status and security information that the CherryTree logs to a database. In response to this information, the CherryTree sends a Mission with operator-defined tasking. An operator can use CherryWeb, a browser-based user interface to view Flytrap status and security info, plan Mission tasking, view Mission-related data, and perform system administration tasks.

WikiLeaks has stuck with its previous position of not releasing the source code for any of the tools mentioned in the documents, but it still serves as a slightly terrifying insight into the capabilities of the CIA.

Check out the full CherryBlossom documentation over on the WikiLeaks' website.

Image credit: Sean Pavone / Shutterstock
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  ASUS warns of Cyclops Blink malware attacks targeting routers tarekma7 0 1,887 03-19-2022 , 02:40 PM
Last Post: tarekma7
  Microsoft creates tool to scan MikroTik routers for TrickBot infections tarekma7 0 780 03-19-2022 , 02:35 PM
Last Post: tarekma7
  Digital Vault ( superantispyware) Available for U.S. customers only mrtrout 0 764 04-09-2021 , 12:30 AM
Last Post: mrtrout
  Multiple security flaws let hackers infiltrate D-Link routers Bjyda 0 1,047 12-17-2020 , 10:18 PM
Last Post: Bjyda
  Most Popular Home Routers Have ‘Critical’ Flaws tarekma7 0 1,446 07-12-2020 , 10:55 PM
Last Post: tarekma7

Forum Jump:


Users browsing this thread: 1 Guest(s)