Posted on Sep 18, 2017 by Caleb Chen

Reminder: the CIA has been able to hack your WiFi router for years



The CIA has had the tools to take over your router for over a decade, according to government documents leaked by Wikileaks. The software, CherryBlossom, is a custom Linux operating system (OS) that allows the attacker to use the device in a man-in-the-middle (MITM) attack. The attack vector itself reminds us that our unprotected internet traffic is as vulnerable as can be. Wikileaks emphasized that for many models of routers, an attacker might not even need physical access to the device to compromise it:

“The wireless device itself is compromised by implanting a customized CherryBlossom firmware on it; some devices allow upgrading their firmware over a wireless link, so no physical access to the device is necessary for a successful infection.”

CherryBlossom-compromised routers have been around for years

The decades-old document detailing the CherryBlossom firmware was released by Wikileaks in June of this year as part of the Vault 7 leaks. If you’re curious, the 175-page document describing the OS can be found here. Officially, 25 router models are affected; however, experts say that the software could easily be used on 100+ devices with minor tweaks. The affected router brands include major names such as Netgear, Motorola, Asus, Intel, Cisco, and more. A full list of targeted devices revealed in the docs can be found here, courtesy of QZ. Interestingly, CherryBlossom was developed with the help of SRI International, the creators of Siri.

…And there could be others, so use a VPN

As with many of the other Vault 7 leaks, we are only given a snapshot of three-letter-agency capabilities at that time. It’s not unreasonable to assume that the same or similar exploitation vectors were used to obtain reproducible control of newer hardware. Internet users need to stay vigilant and learn to care about where their router sends their internet traffic, and whether that traffic is encrypted or not.

In the current day and age, it’s not unreasonable to assume that the router providing internet at your favorite coffee shop might be untrustworthy. The revelation of CherryBlossom, which just confirms long-held fears, underscores the importance of encrypting your internet traffic with Private Internet Access.

About Caleb Chen

Caleb Chen is a digital currency and privacy advocate who believes we must #KeepOurNetFree, preferably through decentralization. Caleb holds a Master's in Digital Currency from the University of Nicosia as well as a Bachelor's from the University of Virginia. He feels that the world is moving towards a better tomorrow, bit by bit by Bitcoin.

