Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible router infection


  • Please log in to reply
2 replies to this topic

#1 BabylonHoruv

BabylonHoruv

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:08:31 AM

Posted 28 July 2014 - 12:59 PM

So can a virus take hold in the router? I have noticed odd drops in bandwidth for my entire household that usually only last a few seconds, as well as strange behavior from our smart TV.  The TV had a still image of an ad for autotrader.com as the default image instead of the standard blank screen when the cable box was turned off and nothing else was being displayed.  This has since ceased and returned to the standard blank screen.



BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:31 PM

Posted 28 July 2014 - 01:53 PM

It can, but such malware is always specific to a router model.

 

What happens more, is that the router is reconfigured with a DNS under the control of criminals.

 

What router model do you have? Have you change the default password?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 Kilroy

Kilroy

  • BC Advisor
  • 3,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:07:31 AM

Posted 28 July 2014 - 09:17 PM

There are certain routers with known issues that can be compromised from the Internet side.  Chances increase if you left the default password for the router.  You should probably check to see if there is a firmware update for your router.  If there is, see what issues are fixed by the update and update your firmware accordingly.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users