[Technology] Router hacked?

[jcdenton08]

Had an email earlier this evening saying that two devices had logged in (a PlayStation and an unknown) from IP addresses in Newcastle and Hounslow respectively. Unfortunately; my less technical partner clicked on the link sent by Now our provider to change the password.

She casually mentioned she’d done this so I asked to see the email, and it seems legit. To be on the safe side I wiped the router, changed the SSID, password and admin password as well as the Now website login details.

When I logged into the router directly via a laptop via LAN cable, I could indeed see two unknown devices matching those in the email. Does this mean the router was hacked?

Should I be concerned? Different passwords are used for each app such as banking etc, so this hasn’t been compromised.

 

[Questions]

SeagullsBHA
Gets you in to most NSC accounts

 

[chickens]

SeagullsBHA
Gets you in to most NSC accounts

Hah! You’ll have to get up earlier than that to catch me. I added 123 to the end.








Oh bugger.

 

[chickens]

Had an email earlier this evening saying that two devices had logged in (a PlayStation and an unknown) from IP addresses in Newcastle and Hounslow respectively. Unfortunately; my less technical partner clicked on the link sent by Now our provider to change the password.

She casually mentioned she’d done this so I asked to see the email, and it seems legit. To be on the safe side I wiped the router, changed the SSID, password and admin password as well as the Now website login details.

When I logged into the router directly via a laptop via LAN cable, I could indeed see two unknown devices matching those in the email. Does this mean the router was hacked?

Should I be concerned? Different passwords are used for each app such as banking etc, so this hasn’t been compromised.

This sounds bizarre to me, but being serious: I’d assumed the email meant that someone had logged into your Now TV account to watch footy rather than into your router. That’s quite some wireless you’ve got there to cover Newcastle and Hounslow. Sure nobody in the house is using a VPN?

First things first, haven’t shared your passwords with anyone? Or no family away in either of these locations who might have access?

I’d contact Now, check with them re: the email’s legitimacy, if the router allows it, block the rogue devices by MAC address, see if any new unknown devices pop up, or if something in the house stops working.

If there is a problem it might not be the router, it could be a device connecting to the router has been infected with something nasty.

Equally lots of devices show up as unknown. Heating controls, ring doorbells, almost anything that offers “control from your phone” functionality.

Good luck, hope it’s nothing nasty, but start by working out everything in the home that connect to the internet before convincing yourself that someone/something is piggybacking from your router.

 

[PILTDOWN MAN]

SeagullsBHA
Gets you in to most NSC accounts

Like in my area near Battle alarm code 1066.

 

[Lethargic]

First thing to do is kick the 2 devices off the router, you can do this through the admin page, then change your password.

After that you can do some detective work with less risk, it does sound a rather bizarre scenario.