2017-06-15 CIA Created 'CherryBlossom' Toolkit For Hacking Hundreds of Router Models (bleepingcomputer.com)
An anonymous reader writes: After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series -- documents about a CIA tool named CherryBlossom, a multi-purpose framework developed for hacking hundreds of home router models. The tool is by far one of the most sophisticated CIA malware frameworks in the CIA's possession. The purpose of CherryBlossom is to allow operatives to interact with and control SOHO routers on the victim's network. The tool can sniff, log, and redirect the user's Internet traffic, open a VPN to the victim's local network, execute actions based on predefined rules, alert operators when the victim becomes active, and more. A 24-page document included with the CherryBlossom docs lists over 200 router models from 21 vendors that the CIA could hack. The biggest names on this list are Apple, D-Link, Belkin, Aironet (Cisco), Linksys, and Motorola.
Re: (Score:2)
There's plenty of debate on what constitutes responsible disclosure of vulnerabilities, but this document appears to only explain how the tool is used, not including the tool itself, so that isn't even the conversation to be having. Your argument seems more applicable to The Shadow Brokers.
What this leak would seem to do would be to correct the mistake the CIA made by failing to disclose vulnerabilities to vendors so they could use it themselves. Pretty much the only way to criticize Wikileaks here is
Re: (Score:1)
Wikileaks could have informed the manufacturers first, giving them time to create patches before it's leaked to the interwebs.
That's bullshit. The manufacturers are well aware of the flaws being exploited, and it is just as plausible they left them open on 'request'.
Two words: Reasonable Doubt (Score:1)
Defense attorneys must be salivating at this news, right? The fact that so many different router models are exploitable just screams "reasonable doubt." Hundreds of different models of routers are affected. If the CIA could find and exploit these vulnerabilities, so could other people. Anyone being charged with a computer crime that doesn't have a physical nexus (e.g. DPR getting fake passports in the mail) should point to this information and say see, my router was hackable, anyone in the world could have
Re: Fuck off america (Score:1)
There is every reason to believe that intelligence agencies in other countries do the same things. Is there ANY reason to doubt that intelligence agencies in the UK, Germany, China, Russia, and other countries aren't doing the same things? Of course they're doing the same things! A lot of the world would be hypocrites to complain about this. Those governments and plenty of others are just as interested in spying as the US government is. You just wanted to post some flamebait, so congratulations on making a
Can this infect 3rd party firmware? (Score:2, Interesting)
For example Tomato, DD-WRT, OpenWRT, and all the variants that are so popular on commodity hardware.
Re: (Score:3)
Did you actually read the article?
They are replacing the existing firmware with a new version with 'extra' functionality.
The people who would not notice are the ones who would use the system out of the box and would not notice a hard reset. I am guessing custom firmware users would notice.
Re: (Score:2)
The "supported" model list makes it look like they are only targeting default OEM loads. Which makes sense since that's what most people run.
DD-WRT (Score:2)
I didn't see anything about DD-WRT flashed routers in the manual.
So maybe I'm good.
Re: (Score:1)
Mate, they are especially interested in neckbeards. We've known about XKeyscore for some time. Its job is to flag users for enhanced monitoring. Amongst its targets are terrorists, political extremists, system administrators, Linux users, VPN users, and readers of sites like Slashdot.
It's a MITM replacement of firmware (Score:2)
So the CIA uses its PoP to man-in-the-middle traffic directed at router manufacturers' firmware update sites, and none of them simply checked the firmware signature before applying?
This is a pretty basic exploit and a pretty basic check for the router manufacturers...
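The check the comment above is asking for, as an added example that is not part of the thread and not any vendor's or the CherryBlossom documents' code: a device pins the vendor's public key and refuses to write an update to flash unless a detached Ed25519 signature over the image verifies. The vendor key pair is derived from a constructed fixed seed, the firmware bytes are constructed, and the `Router` type and `RunScenario` helper are hypothetical; the scenario shows a genuine image being accepted and the same download, altered in transit, being rejected.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ErrBadSignature is returned when an image fails verification; nothing is
// written to flash in that case.
var ErrBadSignature = errors.New("firmware rejected: signature does not verify against the pinned vendor key")

// vendorSeed is a constructed, fixed Ed25519 seed standing in for the vendor's
// real signing key. A real device pins only the public half, in read-only storage.
var vendorSeed = bytes.Repeat([]byte{0x42}, ed25519.SeedSize)

// VendorKeys derives the hypothetical vendor key pair from the constructed seed.
func VendorKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(vendorSeed)
	return priv.Public().(ed25519.PublicKey), priv
}

// SignFirmware models the vendor's build pipeline: a detached signature over
// the SHA-256 digest of the whole image.
func SignFirmware(priv ed25519.PrivateKey, image []byte) []byte {
	digest := sha256.Sum256(image)
	return ed25519.Sign(priv, digest[:])
}

// VerifyFirmware is the check the router must run before touching flash.
// Because the verification key is pinned on the device, an image swapped out
// between the update server and the device cannot carry a signature that
// verifies, regardless of how the download reached it.
func VerifyFirmware(pub ed25519.PublicKey, image, sig []byte) error {
	digest := sha256.Sum256(image)
	if !ed25519.Verify(pub, digest[:], sig) {
		return ErrBadSignature
	}
	return nil
}

// Router is a hypothetical model of the device: a pinned public key and a
// flash buffer.
type Router struct {
	pinnedKey ed25519.PublicKey
	flash     []byte
}

// ApplyUpdate writes the image only after it verifies; on failure flash is
// left untouched.
func (r *Router) ApplyUpdate(image, sig []byte) error {
	if err := VerifyFirmware(r.pinnedKey, image, sig); err != nil {
		return err
	}
	r.flash = append([]byte(nil), image...)
	return nil
}

// RunScenario plays out both cases on constructed data: a genuine image, and
// the same download with one byte altered on the path to the device. It
// returns whether the genuine image was accepted and whether the altered one was.
func RunScenario() (genuineAccepted, alteredAccepted bool) {
	pub, priv := VendorKeys()
	genuine := []byte("constructed firmware image v1.2.3")
	sig := SignFirmware(priv, genuine)

	r := &Router{pinnedKey: pub}
	genuineAccepted = r.ApplyUpdate(genuine, sig) == nil

	// Same signature, but the bytes that reach the device differ by one bit.
	altered := append([]byte(nil), genuine...)
	altered[0] ^= 0x01
	alteredAccepted = r.ApplyUpdate(altered, sig) == nil
	return genuineAccepted, alteredAccepted
}

func main() {
	g, a := RunScenario()
	fmt.Printf("genuine image accepted: %v\n", g) // true
	fmt.Printf("altered image accepted: %v\n", a) // false
}
```

The design point is that the trust anchor lives on the device, not in the transport: TLS to the update server helps, but only a signature checked against a pinned key makes the update path independent of whoever sits between the device and the server.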
pfSense (Score:2)
Been using pfSense for years now, glad to know the FreeBSD lifestyle is still holding up better than commercial consumer bullshit!
Plug and play vs long password? (Score:2)
FlyTrap then connects to CherryTree.
Mission then sends down the tasks to the device.
CherryWeb is the GUI that looks over the new network.
Windex alters the computer's browsers, i.e. malware.
A copy of networked data via a new VPN.
Years of access.