Wikileaks Unveils 'Cherry Blossom' — Wireless Hacking System Used by CIA

in #wikileaks7 years ago

WikiLeaks has published a new part of the Vault 7 (CIA) leaks. The latest leak is a framework used by the Cia to exploit popular consumer routers dubbed "Cherry Blossom".

Cherry Blossom was designed by the CIA with the help of Stanford Research Institute (SRI International), an American nonprofit research institute.

Cherry Blossom is basically a remotely controllable firmware-based implant for wireless networking devices, including routers and wireless access points (APs), which exploits router vulnerabilities to gain unauthorized access which then replaces manufacturer firmware with their custom firmware.

The framework is used to perform man in the middle attacks where attackers (CIA) can perform all sorts of monitoring and malicious tasks, which include:

  • Monitoring network traffic to collect email addresses, chat user names, MAC addresses, and VoIP numbers.

  • Redirecting connected users to malicious websites

  • Injecting malicious content into the data stream to fraudulently deliver malware and compromise the connected systems.

  • Setting up VPN tunnels to access clients connected to Flytrap's WLAN/LAN for further exploitation.

  • Full plaintext logging of all network traffic

According to an installation guide, the CherryTree C&C server must be located in a secure sponsored facility and installed on Dell PowerEdge 1850 powered virtual servers, running Red Hat Fedora 9, with at least 4GB of RAM.ell PowerEdge 1850 powered virtual servers, running Red Hat Fedora 9, with at least 4GB of RAM.

Known vulnerable brands include:

Belkin, D-Link, Linksys, Aironet/Cisco, Apple AirPort Express, Allied Telesyn, Ambit, AMIT Inc, Accton, 3Com, Asustek Co, Breezecom, Cameo, Epigram, Gemtek, Global Sun, Hsing Tech, Orinoco, PLANET Technology, RPT Int, Senao, US Robotics and Z-Com

Sort:  

Some direct copy/paste from: http://thehackernews.com/2017/06/cia-wireless-router-hacking-tool.html

Not indicating that the content you copy/paste is not your original work could be seen as plagiarism.

Some tips to share content and add value:

  • Using a few sentences from your source in “quotes.” Use HTML tags or Markdown.
  • Linking to your source
  • Include your own original thoughts and ideas on what you have shared.

Repeated plagiarized posts are considered spam. Spam is discouraged by the community, and may result in action from the cheetah bot.

Thank You! ⚜

Thanks for the information. As you can see this is a new account so I apologize as i'm still figuring everything out. I will take your advice, but ill be posting original content for now on.