Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
WikiLeaks Vault 7: CIA can hack D-Link, Belkin and Linksys routers
#1
https://betanews.com/2017/06/16/wikileak...ryblossom/    WikiLeaks Vault 7: CherryBlossom files show CIA can hack D-Link, Belkin and Linksys routers into listening devices

By Mark WilsonPublished 1 day ago   Wikileaks has released a batch of documents from the middle of 2012 revealing details of the CIA's CherryBlossom project. A joint venture with the Stanford Research Institute, the CherryBlossom files show how the agency can take remote control of routers and other networking devices from numerous manufacturers, transforming them into listening devices.

CherryBlossom also enables the CIA to interfere with both incoming and outgoing traffic. Passwords present little obstacle in many cases and the fact that remote infection is possible makes the implant very simple to install. The documents reveal how the CIA can home in on a target using information such as MAC address, email address, or even chat handles.

By manipulating incoming and outgoing traffic, the CIA could exploit known vulnerabilities on a target's machine to gain further control and gain access to even more information. As well as home-level routers, the documentation includes details of how to target public hotspots and hardware used in larger businesses.

WikiLeaks explains:

The wireless device itself is compromised by implanting a customized CherryBlossom firmware on it; some devices allow upgrading their firmware over a wireless link, so no physical access to the device is necessary for a successful infection. Once the new firmware on the device is flashed, the router or access point will become a so-called FlyTrap. A FlyTrap will beacon over the Internet to a Command & Control server referred to as the CherryTree. The beaconed information contains device status and security information that the CherryTree logs to a database. In response to this information, the CherryTree sends a Mission with operator-defined tasking. An operator can use CherryWeb, a browser-based user interface to view Flytrap status and security info, plan Mission tasking, view Mission-related data, and perform system administration tasks.

WikiLeaks has stuck with its previous position of not releasing the source code for any of the tools mentioned in the documents, but it still serves as a slightly terrifying insight into the capabilities of the CIA.

Check out the full CherryBlossom documentation over on the WikiLeaks' website.

Image credit: Sean Pavone / Shutterstock
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Taiwanese Government Warns of Hidden Backdoor in D-Link Routers mrtrout 0 331 06-18-2024 , 07:25 AM
Last Post: mrtrout
  ASUS warns of Cyclops Blink malware attacks targeting routers tarekma7 0 2,073 03-19-2022 , 02:40 PM
Last Post: tarekma7
  Microsoft creates tool to scan MikroTik routers for TrickBot infections tarekma7 0 972 03-19-2022 , 02:35 PM
Last Post: tarekma7
  Digital Vault ( superantispyware) Available for U.S. customers only mrtrout 0 939 04-09-2021 , 12:30 AM
Last Post: mrtrout
  Multiple security flaws let hackers infiltrate D-Link routers Bjyda 0 1,255 12-17-2020 , 10:18 PM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)