WikiLeaks reported shocking news this week about the Central Intelligence Agency (CIA) hacking into Wi-Fi routers. According to WikiLeaks, CIA is using hacking tools to penetrate Wi-Fi routers even if they are protected with strong password.
CIA is using a hacking tool called CherryBlossom, which allows them convert a wireless router’s firmware into custom code. It further allows them to remotely supervise the internet traffic of that router. WikiLeaks posted a user manual which provided a brief detail about the software.
WikiLeaks posted the manual in 2006 which recently got updated in 2012. Moreover, WikiLeaks’ Vault7 contains all the IT and tech related documents of valuable stolen intelligence. It announced the valuables in March 2017. The CIA denied briefing about the trove. According to WikiLeaks, US provided the valuables to the CIA itself, as the news revolved around the US government contractors.
Quick Read: How to set up and configure your wireless router
How it works
With the use of CherryBlossom, the CIA would use variety of procedures to penetrate a router’s security with ease. Furthermore, the organization would have accessed the router’s firmware upgrade system to hack into its mainstream. The process mostly requires the router’s username and password, otherwise, a ‘Claymore tool’, have the ability to put in the login details. Then, using a laptop, it can automatically replace the router’s firmware.
According to WikiLeaks, the software was able to penetrate lots of router models including D-link, Linksys, US Robotics, and other producers. These routers include consumer models as well as commercial models used in coffee shops and airport. As soon as the router is hacked, it encrypts all the communication to and from the CIA’s control center. Additionally, it hides the CIA server’s identity to prevent detection.
The manual states that once the CIA hacks the router, it could spy around by controlling the network traffic and redirect requests a web browser makes.
As per the WikiLeaks, officials from many router producers did not immediately react to the situation. Even Stanford Research Institute that helped the CIA in developing the software have not spoken of it at all.