CIA Created 'CherryBlossom' Toolkit For Hacking Hundreds of Routers Models

An anonymous reader writes: After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series -- documents about a CIA tool named CherryBlossom, a multi-purpose framework developed for hacking hundreds of home router models. The tool is by far one of the most sophisticated CIA malware frameworks in the CIA's possession. The purpose of CherryBlossom is to allow operatives to interact and control SOHO routers on the victim's network. The tool can sniff, log, and redirect the user's Internet traffic, open a VPN to the victim's local network, execute actions based on predefined rules, alert operators when the victim becomes active, and more. A 24-page document included with the CherryBlossom docs lists over 200 router models from 21 vendors that the CIA could hack. The biggest names on this list are Apple, D-Link, Belkin, Aironet (Cisco), Linksys, and Motorola.

Can this infect 3rd party firmware?

For example Tomato, DD-WRT, OpenWRT, and all the variants that are so popular on commodity hardware.

Re: Thanks wikileaks you are really helping

The Government spy agencies shouldn't be creating f...ing malware/trojans.. Cause this will happen every time. Information wants to be free. This also seems to be is old equipment models. They don't even have 802.11ac equipment listed? Oh wait, the CIA has updated attack tools that hasn't been stolen....yet.