Menu
What's new
By:
Filters Better Search

KEEP GETTING HACKED AND ROOTED IN MY RT-86ACU

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
K

KILLME32.wxe

Occasional Visitor
I keep getting Hecht I’ve tried everything changing to cable refreshing rebooting multiple times I don’t know what to do anymore look at the logs if someone can explain what’s happening and how I can prevent it would appreciate it I don’t know how they keep getting in the change my router settings in like a virtual environment like in kernel mode in the router
 

Attachments

  • syslog 8.txt
    429 KB · Views: 174
First, what model router do you have (it's not a RT-86ACU) and what firmware version are you running?

Your local IP address range is invalid. It is set to 12.10.12.x which is a public range. I suggest you factory reset your router and set it up again to correct this problem and any others.

At 10:25:57 your router lost its connection to your modem. So it looks like this is a problem with your internet connection and/or modem and not the router.
 
Did u even read the files they changed my admin password activated wireless.. two times fo to the end of log 7 you can see strange account trying to remove settings in my firewall and they they complete acess over the router…
 
Take your router offline, now.

Go to a friend's and download the latest firmware you want to use on it. Do not use your computer/devices to touch the router at all, until you've scanned them thoroughly for viruses via multiple methods.

Do not connect your router back to the ISP before you have completed the following steps.

Perform a full reset to your router/network set up. Do not use any saved backup config files afterward. Do not use your old passwords. Do create a 16 alphanumeric character password that is not easily guessed (random letters/numbers is ideal) that doesn't have any punctuation, spaces, special characters, or smiley faces.

Flash the downloaded (and verified) firmware to the router and repeat the steps again.

Only connect to your ISP when you have fully cleared and reset the router multiple times, in multiple ways. And with new passwords too.

Fully Reset Router and Network
 
I I bought a second router just because I knew this was a big problem should I plug it in right now or should I configure it at my friends house
 
AE4FA818-A332-40CE-B784-D778F738CD17.jpeg
 
I’m sorry for not being more specific but like it’s just it I thought or assumed that the end of log seven u can see different account spamming settings… And u can kinda see the injection in one log, I have the latest Merlin does this mean there is an exploit for that
 
Again, whether you are trying to configure the router that got hacked or a brand new one, I wouldn't trust doing so with any computers that were connected to the hacked router (until they're fully scanned/cleaned).
 
My bad really tired been fighting this back door for weeks now… and when I’m about to win it delete my OS, that’s why i bought a raspberry… and have it connected to another internet source gonna download windows and stuff and make bootable srives from raspberry if that is possible
 
Nah I got a completely new raspberry that haven’t had no connection with the router and I’ve unplugged the router.. But basically my whole home is hacked I have the windows event logs somewhere ccoudlnt even use hirens it took hire a over.. it’s one of those mitigating backdoora that becomes system and then impossible to vleean it creates a virtual machine on ur pc that’s not visible to you..
 
I can't stress this enough.

Borrow a friend's (clean) laptop to configure your new router (without it being connected to the ISP at all). Do not have the hacked router connected to your ISP, or your network.

There is nothing in your home (or anything that visited/connect to your home network) that I would trust at this point.
 
Nah I know that’s why I bought separate internet and a raspberry im
Formatting everything from phones Tony’s let’s to pcs but it’s so persistent it comes back after an offline boot I think it’s stored in like a virtual disk in memory it’s a small file to execute a command to run a a task that’s runs powershell etc etc
 
Apparently, the hack stole all the punctuation keys from your keyboard too. Lol

Makes it very hard to understand what you are trying to say.
 
"Keep getting hacked .... "

Then look at the mistakes you are making with the basic router settings. Turn off Telnet and for SSH only allow from LAN , turn off Access from WAN .

How many other people are here with your issue?
 
Status
Not open for further replies.

Similar threads

M
How to prevent being hacked again - Router & devices? 😢
2
Replies
22
Views
901
Tech9
Tech9
B255ea006
ASUS RT-AX88U VPN (WireGuard) Hacked
Replies
0
Views
1K
B255ea006
B255ea006
M
VPN setup with ASUS, QNAP and SOPHOS
Replies
1
Views
646
L&LD
L&LD
Jaxdia
ZenWiFi Pro XT12 dropping WiFi and not reporting accurately
Replies
8
Views
1K
Jaxdia
Jaxdia
R
YazFi mystery SSID keeps appearing and disappearing and changing
2 3
Replies
50
Views
3K
Amplifier
Amplifier
Similar threads
Thread starter Title Forum Replies Date
M How to prevent being hacked again - Router & devices? 😢 General Network Security 22
J Could a router be hacked from WAN end if firmware always up to date, no portwarding, no upnp and wifi disabled. General Network Security 5
L&LD Some good news too. Hackers get hacked/taken down. General Network Security 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 918 (members: 17, guests: 901)
Top