TechSpot

They are hacking into my router

By Marcus CS
Dec 5, 2010
Post New Reply
  1. I have a wpa2 encryption and a hidden ssid. It always starts when one of my other computers is trying to access the internet through the router. It fails to connect so I try to login to my router, but then the password is changed. The password and user name for my login name are random so I'm wondering how are they hacking into it. I know hacking in to someone's router is illegal so I'm asking for some advice on what to do. Should I call the police? If there is some one hacking me I want them to be held responsible. ps I don't belive this is your average hacker.
     
  2. Leeky

    Leeky TS Evangelist Posts: 3,797   +116

    I would imagine the issue is more to do with an infected router firmware, but I would wait for confirmation from more suitably qualified members than me first.

    Randomly generated passwords, if done correctly, and of suitable length are very diificult to crack, thats the whole point of them. The fact your are being circumvented so easily says to me either the router is hacked, or one of your networked devices is currently housing a "keylogger" or something to that effect. I could of course be wrong, but based on your comments I would assume this to be the case.

    In the meantime disconnect the router from your entire network and turn it off, if your able to do so.
     
  3. Marcus CS

    Marcus CS TS Rookie Topic Starter Posts: 38

    Who can I contact to fix this problem because I am going nuts. Should call like geek squad or something because I would like this to be taken care of as soon as possible
     
  4. superty12

    superty12 TS Enthusiast Posts: 413

    You should probably call the police and a technician, probably one from the original manufacturing company. But, like Leeky, you should probably wait for someone who knows more than me.
     
  5. jobeard

    jobeard TS Ambassador Posts: 9,311   +617

    Here's how it's done;
    First, the default router/pwd are left inplace
    then the user accesses a website with malware content
    any page loaded into the user's browser is already behind the firewall
    and the access to the router config is trivial script code
    (which has direct access to the router config page unless the pwd is non-default)​
    So to defend:
    1. reset the router
    2. reload fresh firmware into it
    3. reboot the router
    4. reset the admin password to non-default, non-trivial
    5. boot the router again
    6. now setup your wifi
    7. disable UPnP and remote management (port 8080)
     
  6. Marcus CS

    Marcus CS TS Rookie Topic Starter Posts: 38

    This probably sounds stupid, but how do you refresh the firmware for the router?
     
  7. dustin_ds3000

    dustin_ds3000 TechSpot Chancellor Posts: 869   +8

    If you can post the make and model of the router we will help you more on a step by step how-to.
     
  8. jobeard

    jobeard TS Ambassador Posts: 9,311   +617

    You go to the Vender for your brand of router and download the latest firmware - - be sure to match the model number and for Netgear, the Revision Number too.
    Then you log into the router and use the Update Firmware service to suck in the download and it will do the rest. What this does is to ensure that YOUR firmware is no longer the HACKERS version.
     
  9. Marcus CS

    Marcus CS TS Rookie Topic Starter Posts: 38

    my wireless router is a d-link wbr 1310. Also, I don't really understand jobeard's Fifth step: boot the router again.
     
  10. biotank

    biotank TS Rookie

    unplug the power wait for 10 secs then plug the power back
     
  11. dustin_ds3000

    dustin_ds3000 TechSpot Chancellor Posts: 869   +8

    Do you have the WBR-1310, WBR-1310 revB, or WBR-1310 revD.
     
  12. Marcus CS

    Marcus CS TS Rookie Topic Starter Posts: 38

    When I look at Model it just says WBR 1310, but it does say in a different area H/W Vers.: B1.
     
  13. dustin_ds3000

    dustin_ds3000 TechSpot Chancellor Posts: 869   +8

    Go here to the WBR-1310 Wireless G Router Vers.: B Suppor page. From there click FAQ to read about all the info you will need to know. After that click Firmware to download the newest version, 2.02. Refer back to the FAQ on how to upgrade the firmware.
     
  14. Marcus CS

    Marcus CS TS Rookie Topic Starter Posts: 38

    Thank you, but it happened again

    I did exactly what you said and it worked for about a week, but just recently all of my wireless computers accessing my routers failed to get a connection. The password has been changed again. I don't know what is happening. I believe this person is really good at what they do or do you think it my might be another problem I am having. Please help. Also, I meant to say thank you earlier for helping me and I'm sorry I'm doing it when I actually need help again.
     
  15. jobeard

    jobeard TS Ambassador Posts: 9,311   +617

    Did you change the router login password AFTER reloading the firmware???
     
  16. Marcus CS

    Marcus CS TS Rookie Topic Starter Posts: 38

    of course with a random *** password no words. I did the steps from 1 to 7 in that exact order
     
  17. jobeard

    jobeard TS Ambassador Posts: 9,311   +617

    with random characters+numbers, that's truly amazing!
     
  18. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +183

    That is amazing!

    If it seems someone is still cracking your random passwords, maybe 2 other things to look for
    1) When you connect and logon to your router, make sure the router logon password is NOT being saved by the web browser
    2) Scan your computer for malware/key logging tools. Follow the instructions you find in this link. Create a new thread in the Malware removal forum. Copy/paste all your logs as instructed
     
  19. Marcus CS

    Marcus CS TS Rookie Topic Starter Posts: 38

    the password is not being saved, but the login name is
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...