Small home network = above my pay grade

[James Toole]

Hello all, I’m James and I’m technically impaired apparently because I can’t seem to figure out what is going on with my small home network. I’m a retired veteran and former police officer. I’ve only recently started paying a serious amount of attention to the apparent applications and programs running blindly in the background.
Apparently I am the only one that finds this suspicious and why my email accounts showing that I have 3-4 different iPhones when I’m reviewing my account weekly. So after I remove the others a couple weeks later it’s the same thing again. My Amazon Prime account says I had logged in with my 94th iPhone device I was told the other night and I had to call to find out what was going on?
Again this new router still changing it’s remote settings to enabled after I repeatedly ensure that it’s not allowed to and constantly seeing UPnP being switched back to enabled and I’m just left to accept this as its normal. I began printing the router logs until the printer developed an error and has been off line since. I’ve attempted contacting the tech support for Asus and forwarding copies of the router logs that constantly are showing that the kernel is attempting to deny something repeatedly until it just stops then says something about the kernel being tainted and reconfiguring. I usually get a notification through my email a few weeks later stating that my email was received with nothing in it and asking about any issues? I don’t have the time to keep researching what all this means and whatever isn’t affecting my bank accounts. I have figured out that all of this is something that I can’t resolve by myself and apparently no matter how much money I throw towards security software and change equipment once I’m certain that it’s no longer in my control. (I mean that my last computer I only had for a couple months but after the 3rd hard drive crash and replacement by HP I was notified that it wasn’t going to be covered again do to altering of the firmware and source code. I can give plenty of information about this and even willing to pay for a solution. Just asking for anyone that can help me figure this out you’d be reimbursed for your time and effort.
Quick little breakdown On my current Network; I just bought a HP AIO desktop about 3 weeks ago along with a new Arris SB8200 modem, a Asus RT-AC3100 router, and a Bitdefender Box 2 for security. It’s setup in a bridge as the Asus is the AP. I also have MAC address filtering setup but not from the first day. Now I had everything set up by Geek Squad because I apparently can’t seem to do that on my own. lol
Something I recently found out about is that apparently all my email accounts now have developer accounts on them (Gmail has Firebase, Amazon has AWS, Hotmail has Azure) and what if anything can that accomplish?
Last thing I can add about all of this is that both my current desktop and the previous seemed to have something affecting them since the initial boot up because even after 3 weeks the computer takes approximately five minutes or so to “update it’s drivers” after I log in. And apparently every time it updates I have less and less permissions to access my files or make any decisions on the computer. Thanks in advance for the help.

 

[AndreiV]

You should disconnect everything and get a local expert that can physically sort this out.
You shouldn't allow remote access to the router, it also sounds like you have an open WiFi system and your PC's are infected.
This needs someone competent to be on site with you.
I would be seeking a local qualified IT specialist .

 

[thiggins]

I agree with AndreiV. Sounds like you have been seriously hacked.
Shut off all your computers, phones, iPads, etc. until you can get a GOOD IT specialist in to clean up the mess.

And check your credit records, put a freeze on your credit and change the security codes to all bank, investment and credit accounts.

 

[James Toole]

You should disconnect everything and get a local expert that can physically sort this out.
You shouldn't allow remote access to the router, it also sounds like you have an open WiFi system and your PC's are infected.
This needs someone competent to be on site with you.
I would be seeking a local qualified IT specialist .

Unfortunately in my area that consists of a few college students majoring in game design and working part time at Geek Squad. Honestly trying to get someone to help me with this is proving to be more difficult than I thought originally. Every place I’ve checked with so far has passed the buck off as something that their business isn’t able to assist me on and I’m actually about to give hire a hacker a call. Seriously though thanks for the honest opinion. My latest hoop I’m forced to jump through is that apparently unless my network analyzer is messed up; somehow my phone is now only broadcasting on IPv6 and that I’ve got 3 tunnel brokers with a direct line to me. No idea how to get out of this mess now. Apple told me that factory reset would fix everything. lol Oh and Spectrum was acting like I was over exaggerating till my network used 32.7 Gb of data in less than 24 hours time

 

[James Toole]

I agree with AndreiV. Sounds like you have been seriously hacked.
Shut off all your computers, phones, iPads, etc. until you can get a GOOD IT specialist in to clean up the mess.

And check your credit records, put a freeze on your credit and change the security codes to all bank, investment and credit accounts.

I agree with AndreiV. Sounds like you have been seriously hacked.
Shut off all your computers, phones, iPads, etc. until you can get a GOOD IT specialist in to clean up the mess.

And check your credit records, put a freeze on your credit and change the security codes to all bank, investment and credit accounts.

Whoever or whatever is doing all of this isn’t about money because they have had plenty of time to do whatever they want with. That’s why I can’t get my local police dept to even take a statement because they said there’s no proof of a crime being committed. Getting pretty frustrated with the cat and mouse games I’m being forced to play.

 

[thiggins]

Sorting this out is going to take awhile. You are going to have to abandon your old data identities and start new. You have essentially had your digital identity stolen. This will take awhile to clean up.
Visit https://www.identitytheft.gov/ to start making a plan.

Contact a data theft protection and/or recovery company for help.

For communications, start with a new computer and burner phone. Assume all your data is compromised. Do NOT install anything from your old computers or download anything from your cloud accounts. Do not network anything.

Run Ubuntu or Mint from a USB stick while you are cleaning things up. This way, you start with essentially a fresh computer each time.

Shut down all your old accounts and don't attempt to download anything from them. Get a new email account. Don't use the old one(s) for anything. Assume anything there is being read by someone else.

Don't post any information about your accounts, router, data here. It's not going to help and could possibly hurt you.

 

[AndreiV]

So someone with access to your kit , possibly the last people to set things up for you have set up tunnels and remote control.

I am in the UK so can't physically help. Maybe if you gave a rough location other members here could point you in the right direction regarding IT/network engineers .

Hacking/using other peoples connections is illegal so the police should do something.

 

[RMerlin]

ntil it just stops then says something about the kernel being tainted and reconfiguring.

This indicates that your router has crashed and is rebooting. If that crash message refers to "dcd" then make sure you run the latest firmware.

if you don`t trust your network security, I would recommend getting (at least temporarily) a new router. Configure just the basics with it (no fancy feature), and make sure to use new passwords and SSID passphrases. If possible, have it configured from outside of your network, to ensure it doesn't get compromised while you are still configuring it.

Routers can be infected with malwares. The latest Asus firmware releases actually has protection measures against a specific malware strain that has apparently been floattng around lately.

 

[RMerlin]

I agree that at this point, you will need professional help to ensure that this gets properly sorted out.