WikiLeaks published a new document within the file of US intelligence documents and its penetration of the Internet and users’ devices. The document describes CIA’s penetration of the routers manufactured by 10 major companies.
Because the router is the main gateway through which the data is transmitted between the user and the Internet, thus breaking through can intercept everything, including passwords.
According to the document, the CIA launched a spy program called Cherry Blossom means to use a modified version of the router’s operating system and installed in it to become a monitoring tool and tracking.
The program can remotely control and control the victim’s routers and know the movement of the data to search for important things such as logins for accounts or even redirect the user to a particular Web page to install malicious software on his or her computer.
The document dates back to 2012 and it is possible that there has been a significant evolution in terms of scope and scope in the past five years.
The user manual shows that there are several versions of the Cherry Blossom spy software each suited to specific brands from routers to certain models.
As of August 2012, there were 10 companies manufacturing routers that the CIA could penetrate, including: Asus, Belkin, Buffalo, Dell, DLink, Linksys, Motorola, Netgear, Senao, and US Robotics.
But how can US intelligence install the modified operating system on routers? The process occurs in the distance between the router factory and the sales shop, known as the supply chain, or using a tool called Claymore, for which information is not yet available.