The CIA’s malicious program has compromised many private and commercial routers. Is yours one of them?


Having a high-security setup on your Wi-Fi router may not have been enough to prevent the Central Intelligence Agency and its advanced tools from accessing your router, WikiLeaks has revealed.

The tool used by the intelligence agency is dubbed CherryBlossom. The software was created to let the agency replace the default firmware on your Wi-Fi router with CherryBlossom so that it can monitor incoming and outgoing traffic.

The leaked manual was published more than ten years ago and was last updated in 2012. The CherryBlossom documents and others linked to the CIA leak are part of the set of technical documents known as Vault 7, which was revealed to the world three months ago.

The agency hasn’t said anything about the Vault 7 documents and vulnerabilities, or about their circulation among American government contractors, which WikiLeaks highlighted, most likely because one of those contractors leaked the information to WikiLeaks.

The software was built to bypass the router’s security. It would then take the user to its firmware upgrade page using built-in methods. Some router security settings ask for the router’s administrative credentials, while others allow the use of CherryBlossom’s ‘Claymore tool’. The tool had a built-in option to apply the login credentials and replace the default firmware with the modified version built by the agency.

The CIA’s malicious program has compromised a lot of routers, from common ones such as US Robotics, Linksys and D-Link to lesser-known generics, all of which are listed in the Vault 7 documents. The documents also state that the agency has compromised not only routers in users’ homes but also those in commercial use, such as those in airports and coffee shops. Once a router has its firmware replaced, all communications are filtered through a CIA command and control server and everything is encrypted, with the chances of being discovered next to none.