Most Internet routers just sit in the corner of a room and collect dust without getting much attention—except from the CIA.
Routers act as the gatekeeper for private networks, letting permitted internet traffic through and keeping unwanted traffic or users out. However, the CIA has a myriad of ways to manipulate this interaction in common routers sold by firms like D-Link and Linksys.
The Verge reports the agency has a program called Cherry Blossom, which modifies router’s firmware to convert it into use for surveillance. The tool allows the hacker to monitor traffic, search for sensitive data like passwords, and even redirect traffic to another website.
The cache of files includes a cadre of stealthy codenames including two exploits (or security flaws) called Tomato and Surfside, according to Wired. To scan a network for vulnerable routers, the CIA allegedly uses a program called Claymore.
Vulnerabilities aside, internet routers are a tantalizing target for hackers, whether they are tax-payer funded or not, because there are almost no red flags obvious to computer users once a router’s been compromised.
This article was featured in the InsideHook newsletter. Sign up now.