Skip to main content
  1. Home
  2. Computing
  3. News

Wikileaks release reveals CIA broke into many popular wireless routers

By

wikileaks release reveals cia router hacking tool flag
Image used with permission by copyright holder
Wikileaks and its cache of CIA documents are making the news again, this time concerning an agency tool that is used to hack into a variety of the most popular Wi-Fi routers. Apparently, the tool allowed the CIA to break into routers and perform a variety of surveillance and other functions for years now, ZDNet reports.

The documents, which could not be immediately verified, are part of an ongoing series of leaks released by the website WikiLeaks.

Recommended Videos

Dubbed “Cherry Blossom,” the hacking tool was able to attack around 25 routers from a variety of manufacturers in 2012. According to a document titled “Cherry Bomb: Cherry Blossom (CB) User’s Manual,” the tool can essentially be injected into the router’s original firmware and then a new version with CB implanted can be used to upgrade the router.

According to the document:

“As of August 2012, CB-implanted firmware can be built for roughly 25 different devices from 10 different manufacturers (including Asus, Belkin, Buffalo, Dell, Dlink, Linksys, Motorola, Netgear, Senao, and US Robotics), although only 7 devices have undergone the formal FAT procedure … Additionally, the CB implant has been built for a few Motorola WiMax devices under the Roundhouse project.”

CB allowed the CIA to perform a number of functions once a router was compromised, all included under the general category of creating a “Flytrap.” A Flytrap is defined in the document as “a wireless device that has been implanted with CB firmware,” and it can do everything from hiding its presence, to sending a beacon reporting its status and security settings, to committing suicide if it cannot send a beacon.

WikiLeaks/ZDNet
WikiLeaks/ZDNet

Once it is up and running, the Flytrap can harvest email addresses and chat users, redirect browsers to whatever site the CIA desires, and more. All of this can be targeted by a user’s email address, geolocation, wireless adapter address, chat usernames, and voice-over-IP (VoIP) phone numbers. Simply put, a router that has been compromised by CB become a fairly powerful tool that allows the CIA to direct a target’s internet usage and gather significant amounts of information.

There are many additional details in the leaked document, and as ZDNet points out there is no indication of whether the CIA is still using Cherry Blossom. Router vulnerabilities are well-documented lately and in a twist of irony, the Federal Trade Commission (FTC) has been active in pushing router manufacturers to improve their security. In the meantime, the best that users can do is make sure that their routers are updated with the latest firmware and then hope that the manufacturers are doing their jobs in making them more secure.

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Best Apple deals: Save on AirPods, Apple Watch, iPad, MacBook
Apple MacBook Air M1 open, on a table.

Between some of the best wireless earbuds, the best smartwatches, the best laptops, and even the best tablets, Apple is one of the biggest tech companies in the world, and it's hard to argue with how popular it's become. Of course, being a premium brand with some of the best gear does mean that it's pretty expensive, and for those who love the Apple ecosystem, it can be hard to justify buying something within it, given the price. Luckily, there are a lot of excellent deals floating around from various online retailers, like Amazon or Best Buy, and that includes things like trade-in offers and special offers for Prime and My Best Buy members.

That's why we've gone out and searched through various big retailers to find you some of the best deals we can find. That includes everything from the MacBook deals, AirPods deals, Apple TV deals and Apple Watch deals to the AirTag, so hopefully, you can find the perfect deal that fits your needs and budget.
Apple AirTag (4-Pack) -- $79, was $99

Read more
Hacker group says it carried out Christie’s cyberattack
A digital depiction of a laptop being hacked by a hacker.

A hacker group has claimed responsibility for a cyberattack that targeted auction house Christie’s earlier this month, the New York Times reported on Monday.

The attack, which disrupted the auction house's website, took place just before the start of its high-profile spring sales event involving more than $850 million worth of art, forcing Christie's to suspend online bidding and accept offers only by phone or in person.

Read more
Chromebooks get new AI features and Gemini Advanced for free
Magic Editor being shown on a Chromebook.

Google has announced a new selection of Chromebook Plus devices that boast some new AI features and a free subscription to Gemini Advanced.

Google launched its Chromebook Plus initiative in October 2023 with a more premium brand of Chromebooks, and now Google is answering the recent push into AI by Microsoft with its own. Copilot+ PCs looks great, but Google says that AI should not be for just those who have over $1,000 to spend on a laptop. Chromebook Plus laptops start at $349 and range up to $649, but often come with better performance and features.

Read more