Wikileaks yesterday published its latest round of allegedly leaked CIA documents, detailing aspects of the U.S. agency's "Cherry Blossom" firmware modification program, which uses modified versions of router firmware to turn networking devices into surveillance tools.

The document is the latest in WikiLeaks' "Vault 7" series of publications on CIA hacking methods. Previous leaks have detailed the agency's targeting of iOS devices and Macs, while this manual relates specifically to network routers: Once installed, the Cherry Blossom program can be used to monitor internet traffic, crawl for passwords, and redirect the target user to a particular website.

wikileaks cia
The manual also describes how CIA agents might install the modified firmware. "In typical operation, a wireless device of interest is implanted with Cherry Blossom firmware, either using the Claymore tool or via a supply chain operation." While documents have not been made public that detail the "Claymore" tool, the latter tactic refers to the practice of intercepting the target device somewhere between the factory and the end user.

The document lists several network products as susceptible to its hacking protocol, including devices from Asus, Belkin, Buffalo, Dell, DLink, Linksys, Motorola, Netgear, Senao, and US Robotics. Apple's AirPort networking equipment does not appear on the list, however.

The CIA has struggled to penetrate Apple's network router hardware in the past due to a combination of the company's robust encryption and its use of proprietary hardware. Previous Harpy Eagle documents published by Wikileaks show apparently unsuccessful efforts to "gain root access on an Apple Airport Extreme and Time Capsule via local and/or remote means to install a persistent rootkit into the flash storage of the devices".

The Cherry Blossom document dates to 2012, so it's likely CIA methods have moved on in an effort to keep up to date with changing networking hardware. In a response the same day that the iOS device hacking efforts came out, Apple said that many of the vulnerabilities in that leak were already patched. Apple reportedly ceased development of its AirPort networking devices last year.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: Apple Security, CIA, WikiLeaks

Top Rated Comments

Sunny1990 Avatar
Sunny1990
90 months ago
Making it harder and harder for the private info to be tapped into. Gotta love Apple for this.
Score: 10 Votes (Like | Disagree)
Glassed Silver Avatar
Glassed Silver
90 months ago
Why is the government doing this? I guess I want to know: is it still okay for me to say in front of Echo Dot or write in my emails that President Trump looks like he's wearing an orange ferret on his head? Or am I living in Communist China now?
The funny truth is that many of the things the US warned its population about during the Cold War whilst reminding people that the superior West is free and ripe of opportunities are now - or have been for a very long time - part of their own toolkit and that of many other nations who are "friends" of the US, the West or simply try to strike good trade deals with us.

If you like liberty and privacy the times are rough.

Glassed Silver:ios
Score: 8 Votes (Like | Disagree)
haruhiko Avatar
haruhiko
90 months ago
But Apple doesn't update them anymore and has ignored the whole mesh router development. :-(
Score: 5 Votes (Like | Disagree)
Solomani Avatar
Solomani
90 months ago
Making it harder and harder for the private info to be tapped into. Gotta love Apple for this.
No. Like I posted above, there are credible reports that Apple is already dropping its (AirPort) router business. That means that in the future, all Apple servers and networks will have to rely on routers made by those other companies like Dell, Cisco, Belkin, Linksys, etc.
Score: 5 Votes (Like | Disagree)
Solomani Avatar
Solomani
90 months ago
So what's the best router for privacy?
The Google-Facebook router is best!


Just kidding. :p
Score: 4 Votes (Like | Disagree)
Solomani Avatar
Solomani
90 months ago
The CIA has struggled to penetrate Apple's network router hardware in the past due to a combination of the company's robust encryption and its use of proprietary hardware.
Oh boy…. I'm vindicated in another thread where I opined that Apple abandoning its AirPort routers is a mistake.

It's right here, post #34.
https://forums.macrumors.com/threads/eero-reveals-2nd-gen-router-wi-fi-extending-beacon-internet-security-service-and-ios-app-update.2050788/page-2#post-24686814
Score: 4 Votes (Like | Disagree)
Read All Comments

Popular Stories

maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Read Full Article258 comments
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Read Full Article381 comments
iPhone 15 Pro FineWoven

Apple Reportedly Stops Production of FineWoven Accessories

Sunday April 21, 2024 6:03 am PDT by
Apple has stopped production of FineWoven accessories, according to the Apple leaker and prototype collector known as "Kosutami." In a post on X (formerly Twitter), Kosutami explained that Apple has stopped production of FineWoven accessories due to its poor durability. The company may move to another non-leather material for its premium accessories in the future. Kosutami has revealed...
Read Full Article444 comments
iOS 17 All New Features Thumb

iOS 17.5 Will Add These New Features to Your iPhone

Sunday April 21, 2024 3:00 am PDT by
The upcoming iOS 17.5 update for the iPhone includes only a few new user-facing features, but hidden code changes reveal some additional possibilities. Below, we have recapped everything new in the iOS 17.5 and iPadOS 17.5 beta so far. Web Distribution Starting with the second beta of iOS 17.5, eligible developers are able to distribute their iOS apps to iPhone users located in the EU...
Read Full Article
iPad And Calculator App Feature

Apple Finally Plans to Release a Calculator App for iPad Later This Year

Tuesday April 23, 2024 9:08 am PDT by
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Read Full Article203 comments
Provenance Emulator

PlayStation and SEGA Emulator for iPhone and Apple TV Coming to App Store [Updated]

Friday April 19, 2024 8:29 am PDT by
The lead developer of the multi-emulator app Provenance has told iMore that his team is working towards releasing the app on the App Store, but he did not provide a timeframe. Provenance is a frontend for many existing emulators, and it would allow iPhone and Apple TV users to emulate games released for a wide variety of classic game consoles, including the original PlayStation, SEGA Genesis,...
Read Full Article181 comments