Wikileaks has released a batch of documents from the middle of 2012 revealing details of the CIA’s CherryBlossom project. A joint venture with the Stanford Research Institute, the CherryBlossom files show how the agency can take remote control of routers and other networking devices from numerous manufacturers…
Wikileaks has released a batch of documents from the middle of 2012 revealing details of the CIA’s CherryBlossom project. A joint venture with the Stanford Research Institute, the CherryBlossom files show how the agency can take remote control of routers and other networking devices from numerous manufacturers, transforming them into listening devices.
CherryBlossom also enables the CIA to interfere with both incoming and outgoing traffic. Passwords present little obstacle in many cases and the fact that remote infection is possible makes the implant very simple to install. The documents reveal how the CIA can home in on a target using information such as MAC address, email address, or even chat handles.
By manipulating incoming and outgoing traffic, the CIA could exploit known vulnerabilities on a target’s machine to gain further control and gain access to even more information. As well as home-level routers, the documentation includes details of how to target public hotspots and hardware used in larger businesses.
WikiLeaks explains:
WikiLeaks has stuck with its previous position of not releasing the source code for any of the tools mentioned in the documents, but it still serves as a slightly terrifying insight into the capabilities of the CIA.
Check out the full CherryBlossom documentation over on the WikiLeaks’ website.
Image credit: Sean Pavone / Shutterstock
