Home Security Vault 7: details of tools for hacking routers dumped

Vault 7: details of tools for hacking routers dumped

WikiLeaks has released documents from the CIA that show the spy agency was, for years, building and maintaining tools to hack into commonly used routers. The dump is part of the Vault 7 series that the whistle-blowing site began releasing on 7 March.

The CIA programme was called Cherry Blossom and it developed firmware that could be implanted in wireless networking devices, including access points and routers.

One of the manuals says: "An implanted device can then be used to monitor the Internet activity of, and deliver software exploits to, targets of interest. It should be
noted, however, that the CBlossom architecture does not limit itself to wireless devices – in general, wired network devices could be implanted/compromised in the same fashion to achieve the same goals."

The documents released date back to 2012.

Four ways of getting the implants onto routers are outlined. One is to use the firmware upgrade Web page over a wireless link, a this technique that does not need physical access but generally needs an administrator password.

The second method is to use a wireless upgrade package as some devices do not allow firmware upgrades over wireless links.

A third means is to use what the CIA calls a Claymore Tool, a survey, collection, and implant tool for wireless (802.11/WiFi) devices that first tries to determine device makes/models/versions in a region of interest. The collection function isn used to capture wireless traffic. The implant function can perform wireless firmware upgrades and incorporates the exploitation tools.

Finally, the the firmware upgrade Web page over a wireless link, a technique that is described as being likely to be used in a supply chain operation. Presumably, this means the implant was done with the co-operation of the manufacturer.

The documents show firmware was created for a long list of networking devices. The manufacturers include Aironet/Cisco, Allied Telesyn, 3Com, Accton, AMIT, Asustek, Belkin, Breezecom, Cameo, D-Link, Gemtek, Global Sun, Linksys, Motorola, Orinoco, Planet Tec, Senao, US Robotics and Z-Com.

It is unclear as to whether the programme is still running today.


Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.