Thursday 29 June 2017, Poradnik bezpieczeństwa

Cherry Blossom – a new router hacking tool

Lost24

The Wikileaks portal has recently published a document from the CIA Vault 7 series, containing the informations about a malicious firmware called Cherry Blossom.

Why is Cherry Blossom so dangerous?
The program was designed to compromise wireless networking devices, such as wifi routers from popular companies like Asus, D-Link, 3Com, Linksys, and Apple. The wireless devices were selected as a target because they do not require physical link and can be easily infected by the Cherry Blossom program during the of their firmware over a wireless access.

Once infected, the wifi device becomes a so-called FlyTrap, capable of handling a variety of malicious tasks. FlyTrap is capable of checking a user’s network traffic, redirecting them to a particular website, or even scan for email addresses, chat user names, MAC addresses and VoIP numbers.