YOUR ROUTER could be playing host to clandestine firmware to turn it into a CIA listening post, according to the latest report from Wikileaks.
'CherryBlossom' is a code injection that can be added to ten models of routers from firms including DLink and Belkin, though only on specific models at this stage.
In some cases, even if your system administration level is high, the Feds can hack on CherryBlossom with UPnP, using a long-standing open source code exploit called Tomato.
Wikileaks suggests that the 25 models currently capable of running CherryBlossom could be increased to over 100 with modification, making them the perfect location for staging "man in the middle" attacks.
Wikileaks has published the full 175-page user guide to the software. It is a Linux OS that turns routers into a so-called "Fly-Trap". This, in turn, becomes a CIA server, called a "Cherry Tree".
A "Cherry Web" web-app allows operatives to send "Missions" to the "Cherry Tree" that could be based around simply monitoring traffic or actually manipulating e-mails, MAC addresses and VoIP communications.
A feature called "Windex" can redirect a browser and establish a VPN giving the Cherry Web user access to the victim's LAN and devices, and proxies all the internet connections to CIA chosen ones.
What makes the whole thing even more spectacular is that all the data between the Fly Trap and the Cherry Tree (couldn't they have standardised the metaphors in these code names?) is fully encrypted and uses cryptographic authentication so there's no way you will likely ever know it has ever happened to you, nor be able to hack the hackers to find out.
Routers in particular danger of being targetted are the D-Link DIR-130 and Linksys WRT300N, along with a number of other Linksys models and one from Belkin, but it seems that list could get longer.
According to Wikileaks, the CherryBlossom project is the result of development work by the Stanford Research Institute (SRI International), a not-for-profit company. µ
C3-PO, R2-D2, BB-8 and other Androids
Helpful cyber vigilante gets short changed by customer services
...you know, now it's less confusing...
Firm will no longer provide updates for its first Android mobe