Wikileaks Reveals How The CIA Has Been Clandestinely Hacking Wifi Routers

It's only been a few weeks since the WannaCry scandal died down and now Wikileaks has alleged that the CIA is involved in a cybersecurity scandal.

Wikileaks Reveals CIA Hacking

The leaked documents, which have not been verified, allege that the CIA's hacking team called the Engineering Development Group has, for years, been hacking into private and commercial wireless networks in order gather intelligence.

Found among the dozens of files released by Wikileaks are files containing guides and manuals that detailed how the CIA allegedly hacked into wireless networks in order to monitor persons of interest. While most of the information does pertain to routers, there are documents related to the hacking of Samsung Smart TVs and Apple products.

Routers are a popular target for hackers, whether they are private individuals or intelligence operatives because they grant easy access to an entire wireless network. Unfortunately, routers have many security flaws which make them fairly easy for hackers to exploit.

Cherry Blossom

The CIA's efforts to hack into various routers were categorized under the name "Cherry Blossom" with each version of Cheery Blossom being tailored to a different model of router. Once accessed, the CIA would be able to monitor a user's internet activity, redirect their browser, access email and phone numbers as well as other personal data.

While such news will obviously alarm privacy advocates, they do have one ally in this cause. According to the released documents, the pace at which hardware is upgraded made it difficult for the CIA to keep up with every model of router. However, as of 2012, they did have access to the most popular routers.

"As of August 2012," the manual reads, "CB-implanted firmwares can be built for roughly 25 different devices from 10 different manufacturers, including Asus, Belkin, Buffalo, Dell, DLink, Linksys, Motorola, Netgear, Senao, and US Robotics"

The documents released by Wikileaks were dated in 2012 so we have no way of knowing what changes, if any, have been made to the Cherry Blossom program in the past five years.

WannaCry

This is the second time in as many months that U.S. intelligence agency has been implicated in a scandal involving cybersecurity and privacy. Last month, hackers obtained access to NSA-developed malware called WannaCry which infected thousands of computers worldwide.

While we don't know the details surrounding who the CIA targeted with the Cherry Blossom program, the fact that the tools are in the public eye could allow private groups to reverse engineer the techniques.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics