Wikileaks Unveils ‘Cherry Blossom’ — Wireless Hacking System Used by CIA

Dubbed “Cherry Blossom,” the framework was allegedly designed by the Central Intelligence Agency (CIA) with the help of Stanford Research Institute (SRI International), an American nonprofit research institute, as part of its ‘Cherry Bomb’ project.

“An implanted device [called Flytrap] can then be used to monitor the internet activity of and deliver software exploits to targets of interest.” a leaked CIA manual reads.

“The wireless device itself is compromised by implanting a customized CherryBlossom firmware on it; some devices allow upgrading their firmware over a wireless link, so no physical access to the device is necessary for a successful infection,” WikiLeaks says.

  • Monitoring network traffic to collect email addresses, chat user names, MAC addresses, and VoIP numbers
  • Redirecting connected users to malicious websites
  • Injecting malicious content into the data stream to fraudulently deliver malware and compromise the connected systems
  • Setting up VPN tunnels to access clients connected to Flytrap’s WLAN/LAN for further exploitation
  • Copying of the full network traffic of a targeted device

Previous Vault 7 CIA Leaks

The tool is a persistent implant for Microsoft Windows machines that has been designed to infect networks of Windows computers through the Server Message Block (SMB) file sharing protocol by replacing application code on-the-fly with a trojanized version of the software.

Since March, the whistleblowing group has published 11 batches of “Vault 7” series, which includes the latest and last week leaks, along with the following batches:

  • Athena – a CIA’s spyware framework that has been designed to take full control over the infected Windows PCs remotely, and works against every version of Microsoft’s Windows operating systems, from Windows XP to Windows 10.
  • AfterMidnight and Assassin – two apparent CIA malware frameworks for the Microsoft Windows platform that has been designed to monitor and report back actions on the infected remote host computer and execute malicious actions.
  • Archimedes – a man-in-the-middle (MitM) attack tool allegedly created by the CIA to target computers inside a Local Area Network (LAN).
  • Scribbles – a piece of software allegedly designed to embed ‘web beacons’ into confidential documents, allowing the spying agency to track insiders and whistleblowers.
  • Grasshopper – reveal a framework which allowed the agency to easily create custom malware for breaking into Microsoft’s Windows and bypassing antivirus protection.
  • Marble – revealed the source code of a secret anti-forensic framework, basically an obfuscator or a packer used by the CIA to hide the actual source of its malware.
  • Dark Matter – focused on hacking exploits the agency designed to target iPhones and Macs.
  • Weeping Angel – spying tool used by the agency to infiltrate smart TV’s, transforming them into covert microphones.
  • Year Zero – dumped CIA hacking exploits for popular hardware and software.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s