Linksys warns for CIA tool that can hack routers

Posted 23 June 2017 17:23 CEST by Jan Willem Aldershoff

Linksys warns for a tool developed by the CIA, called Cherry Blossom, which can be used to install malcious firmware on routers. The existence of the tool was revealed by whistleblower website Wikileaks.

On the list of routers that can be attacked with Cherry Blossom are several Linksys models. The company writes in an security advisory that the modified firmware from the CIA can be installed in several ways. Through physical access to the router, through Wifi access and by intercepting the router in transit before it’s delivered to the end-user.

Users who fear that their firmware has been compromised are advised to install the latest firmware update. After that, a factory reset has to be performed to before there is no left-over code on the router. Linksys also advises to use a strong administrator password, to disable guest access, WPS and uPnP if they are not used.

In total 28 Linksys are vulnerable to the Cherry Blossom tool. settings

Several settings at can be changed, they are stored in cookies, which means they will be reset if you clear cookies


Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here


Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page