Home Security Vault 7: details of tools for hacking routers dumped

Vault 7: details of tools for hacking routers dumped

WikiLeaks has released documents from the CIA that show the spy agency was, for years, building and maintaining tools to hack into commonly used routers. The dump is part of the Vault 7 series that the whistle-blowing site began releasing on 7 March.

The CIA programme was called Cherry Blossom and it developed firmware that could be implanted in wireless networking devices, including access points and routers.

One of the manuals says: "An implanted device can then be used to monitor the Internet activity of, and deliver software exploits to, targets of interest. It should be
noted, however, that the CBlossom architecture does not limit itself to wireless devices – in general, wired network devices could be implanted/compromised in the same fashion to achieve the same goals."

The documents released date back to 2012.

Four ways of getting the implants onto routers are outlined. One is to use the firmware upgrade Web page over a wireless link, a this technique that does not need physical access but generally needs an administrator password.

The second method is to use a wireless upgrade package as some devices do not allow firmware upgrades over wireless links.

A third means is to use what the CIA calls a Claymore Tool, a survey, collection, and implant tool for wireless (802.11/WiFi) devices that first tries to determine device makes/models/versions in a region of interest. The collection function isn used to capture wireless traffic. The implant function can perform wireless firmware upgrades and incorporates the exploitation tools.

Finally, the the firmware upgrade Web page over a wireless link, a technique that is described as being likely to be used in a supply chain operation. Presumably, this means the implant was done with the co-operation of the manufacturer.

The documents show firmware was created for a long list of networking devices. The manufacturers include Aironet/Cisco, Allied Telesyn, 3Com, Accton, AMIT, Asustek, Belkin, Breezecom, Cameo, D-Link, Gemtek, Global Sun, Linksys, Motorola, Orinoco, Planet Tec, Senao, US Robotics and Z-Com.

It is unclear as to whether the programme is still running today.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.