They are hacking into my router

Marcus CS

Posts: 38   +0
I have a wpa2 encryption and a hidden ssid. It always starts when one of my other computers is trying to access the internet through the router. It fails to connect so I try to login to my router, but then the password is changed. The password and user name for my login name are random so I'm wondering how are they hacking into it. I know hacking in to someone's router is illegal so I'm asking for some advice on what to do. Should I call the police? If there is some one hacking me I want them to be held responsible. ps I don't belive this is your average hacker.
 
I would imagine the issue is more to do with an infected router firmware, but I would wait for confirmation from more suitably qualified members than me first.

Randomly generated passwords, if done correctly, and of suitable length are very diificult to crack, thats the whole point of them. The fact your are being circumvented so easily says to me either the router is hacked, or one of your networked devices is currently housing a "keylogger" or something to that effect. I could of course be wrong, but based on your comments I would assume this to be the case.

In the meantime disconnect the router from your entire network and turn it off, if your able to do so.
 
Who can I contact to fix this problem because I am going nuts. Should call like geek squad or something because I would like this to be taken care of as soon as possible
 
You should probably call the police and a technician, probably one from the original manufacturing company. But, like Leeky, you should probably wait for someone who knows more than me.
 
Here's how it's done;
First, the default router/pwd are left inplace
then the user accesses a website with malware content
any page loaded into the user's browser is already behind the firewall
and the access to the router config is trivial script code
(which has direct access to the router config page unless the pwd is non-default)​
So to defend:
  1. reset the router
  2. reload fresh firmware into it
  3. reboot the router
  4. reset the admin password to non-default, non-trivial
  5. boot the router again
  6. now setup your wifi
  7. disable UPnP and remote management (port 8080)
 
This probably sounds stupid, but how do you refresh the firmware for the router?
You go to the Vender for your brand of router and download the latest firmware - - be sure to match the model number and for Netgear, the Revision Number too.
Then you log into the router and use the Update Firmware service to suck in the download and it will do the rest. What this does is to ensure that YOUR firmware is no longer the HACKERS version.
 
my wireless router is a d-link wbr 1310. Also, I don't really understand jobeard's Fifth step: boot the router again.
 
Thank you, but it happened again

I did exactly what you said and it worked for about a week, but just recently all of my wireless computers accessing my routers failed to get a connection. The password has been changed again. I don't know what is happening. I believe this person is really good at what they do or do you think it my might be another problem I am having. Please help. Also, I meant to say thank you earlier for helping me and I'm sorry I'm doing it when I actually need help again.
 
Did you change the router login password AFTER reloading the firmware???
 
That is amazing!

If it seems someone is still cracking your random passwords, maybe 2 other things to look for
1) When you connect and logon to your router, make sure the router logon password is NOT being saved by the web browser
2) Scan your computer for malware/key logging tools. Follow the instructions you find in this link. Create a new thread in the Malware removal forum. Copy/paste all your logs as instructed
 
Back