WikiLeaks Vault 7: CherryBlossom files show CIA can hack D-Link, Belkin and Linksys routers into listening devices
Wikileaks has released a batch of documents from the middle of 2012 revealing details of the CIA's CherryBlossom project. A joint venture with the Stanford Research Institute, the CherryBlossom files show how the agency can take remote control of routers and other networking devices from numerous manufacturers, transforming them into listening devices.
CherryBlossom also enables the CIA to interfere with both incoming and outgoing traffic. Passwords present little obstacle in many cases and the fact that remote infection is possible makes the implant very simple to install. The documents reveal how the CIA can home in on a target using information such as MAC address, email address, or even chat handles.
By manipulating incoming and outgoing traffic, the CIA could exploit known vulnerabilities on a target's machine to gain further control and gain access to even more information. As well as home-level routers, the documentation includes details of how to target public hotspots and hardware used in larger businesses.
The wireless device itself is compromised by implanting a customized CherryBlossom firmware on it; some devices allow upgrading their firmware over a wireless link, so no physical access to the device is necessary for a successful infection. Once the new firmware on the device is flashed, the router or access point will become a so-called FlyTrap. A FlyTrap will beacon over the Internet to a Command & Control server referred to as the CherryTree. The beaconed information contains device status and security information that the CherryTree logs to a database. In response to this information, the CherryTree sends a Mission with operator-defined tasking. An operator can use CherryWeb, a browser-based user interface to view Flytrap status and security info, plan Mission tasking, view Mission-related data, and perform system administration tasks.
WikiLeaks has stuck with its previous position of not releasing the source code for any of the tools mentioned in the documents, but it still serves as a slightly terrifying insight into the capabilities of the CIA.
Check out the full CherryBlossom documentation over on the WikiLeaks' website.