cancel
Showing results for 
Search instead for 
Did you mean: 

Gigantic spike in download usage. Hacked??

pkaye1
I'm Here A Lot

My average daily usage has always been approx 500 MB (total for upload and download).  Two days ago it jumped to 17,000 MB download.  Yesterday it jumped to 24,000 MB dowload.  I cannot possibly have increased my usage by that much especially since I haven't changed my usage habits. 

 

I changed to unlimited usage because of this but I really need to figure out what's happened.  Rogers says they can't help me and offered no suggestions.  I do have a router and have a very strong password.  If I change the password, will that knock whoever is stealing my internet, off my system?  Not sure if that will help but I really don't know what to do and have no idea if there is anyway of knowing if someone is hacking into my internet.  The gigantic spike in usage tells me something is amiss.  I would have thought rogers would have cared but they really aren't concerned at all.

 

 

***edited labels***

48 REPLIES 48

Re: Gigantic spike in download usage. Hacked??

StanNewmarket
I Plan to Stick Around

>BEST way, is to actually turn OFF the modem itself then.. then NOTHING can connect to it period. 
>IF i still shows download usage.. then there is a biger issue.

 

Turning off the modem and router didn't help me!!!! I turned EVERYTHING off when I was away on a week vacation. When I returned, someone had been downloading gigabytes of data on my account each day for five out of seven days we were away.

 

I sent a query to Rogers, but they never responded.

Re: Gigantic spike in download usage. Hacked??

IF that is the case.. likely then something either account wise.. or again, someone MAC cloning the modem.

 

IF you are going to do the turn off thing.. you need to inform rogers first. Call in, escalate it, and say to please leave a note on the account, that i will be having it disconected for the period of X to Y 24 hour range.
Then, if there is the usage durring that time.. they have prior knoledge that it was disconected.  (can even unplug it while on the phone with the person, and make sure they are NOT able to see the unit.... again, if you do, and they CAN.. well there is another problem like the clonging going on )

They usually wont take this AFTER the fact.. just as its to easy for someone to say go on a download binge, then after the fact call in and say "Oh mine was unpluged, it wasnt me"



Re: Gigantic spike in download usage. Hacked??

mtech101
I've Been Here Awhile

Download a bandwidth monitor for each of you're computers.

 

This one is free.  Use the installer version.

http://www.softperfect.com/products/networx/

 

This tool will show you how much usage is being used at any given time when the computer is on.  It will also show the download and upload usage per day for that machine it is on.

 

I recently ran into an issue on my Vista machine.  The process SVChost was constantly downloading something but I couldn't tell what it was.  I had to format the entire computer to fix the issue.

 

Goodluck.

Re: Gigantic spike in download usage. Hacked??

mtech101
I've Been Here Awhile

If the modem was off but you are still seeing usage you might want to check if the MAC address (sticker on modem) matches the MAC address Rogers has on you're account.

 

 

Re: Gigantic spike in download usage. Hacked??

Sailorman
I Plan to Stick Around

Had a one day blip where Rogers counters show 189 gb downloaded on a Rogers Extreme plan. No idea what could have caused it and have never before or after experienced anything like it. Have a strong password and have never had a problem. Hard to believe how anyone could download 189 gb in 24 hours so very suspicious if the problem is with Rogers. I have asked tech support to investigate again.

I changed the password and exchanged the modem; and everything is normal. On the network are 2 iPhones, 2 iPads, 2 Apple TVs, 3 macs , a Win 8.1 pc and PS3. Don't do any file sharing, gaming or torrents. Just the occasional netflix movie, itunes.

If anyone has any thoughts.

Re: Gigantic spike in download usage. Hacked??

That it only happened one day... thats good i guess (as long as it doesnt happen again).

 

None of those devices were NEW on that day?

Downloading updates... or the apple products.. maybe itunes downloading all the 'bought' content to that device as well?

I would say icloud.. but you wouldnt be pullint THAT much from there, unless it was a full amount, across all devices maybe.



Re: Gigantic spike in download usage. Hacked??

Sailorman
I Plan to Stick Around

No new devices. And 189 gb is way too much for it to be icloud unless I'm seriously missing something. All the usage was downloaded. Upload was up a bit from my usual but nothing seriously out of whack there.

Re: Gigantic spike in download usage. Hacked??

Sailorman
I Plan to Stick Around

I'm still puzzled about my 189 gb download that happened all in one day in April and how it could have happened. Has never happened before or after. My daily usage is 1-4 gb daily depending if we watch itunes or Netflix. Rogers has been very good about it, but continues to say the download occurred at my end.  I had a strong password on the network and seriously doubt I was hacked by a neighbour or someone sitting in a car outside my house madly downloading. I swapped the modem, changed the network name and password to be safe, but still looking for some answers as to how this could have happened. 

 

The download was 189 gb and the upload was 560 mb. There were no new devices on the network. The devices accessing the network included 2 Canon printers, 3 macs, 2 iphones, 2 ipads, 2 ATVs and a PS3. None of the devices are downoalding torrents, using P2P and the PS3 wasn't even turned on. THere has been no re-occurence. My usage the next day and ever since has been completely normal. 

 

My concerns: Could the modem have been cloned (doubtful since the downloading happened all in one day).  But are Rogers counters accurate and is there a bigger problem here. 

 

Looking for any suggestions or answers.  

Re: Gigantic spike in download usage. Hacked??

Really, there generally are 4 possibilities.

1) Something run amuk localally and downloaded it all.  Possible? Yes.. but for that much, a little iffy...
(Seen stuff run amok and get stuck in a downlaod loop, download say windows updates for 3 days straight, but not THAT much usage)

 

2) Modem cloneing.  I dont think this happens that often.. but still a possibility.  Maybe only one day if they figured how to kick the other one off?

 

3) Someone broke into your network and did it.  Even with the most secure password.. there is always still the possibility.  There is a vulnerability that has been around lately, with a good chunk of 3rd party wireless routers, where someone can get access fairly simply through WPS... there are tutorials on how to do it online, so joe blow nextdoor could possibly easily do it.

 

4) A rogers counter error.  IF it was a general error, counting too much.. i would think it would do it more consistantly, and not on one day only, etc.

Some people say that rogers specifically adds usage on, just to screw us over and make us pay.  Personally i dont beleive it.. as why . someone off, so they would leave, and then loose the overall revenue over a small amount income from the overage?

 

 

Generally, i find mine to be accurate... only times there are odities.. i can usually explain it.
(Oh yeah, downloaded that new game so there is 15g.... or like yesterday.. forgot and left a torrent on for like 5 hours.. had like 4g of upload usage... whooops)



Re: Gigantic spike in download usage. Hacked??

gisuck
I'm a Reliable Contributor

Further to Gdkitty's post, I would check your cloud sync tools if you have any (iCloud, Dropbox, etc.) to make sure it doesn't run in an endless loop. I had one case where Dropbox was attempting to download a rather large file, but there wasn't any free disk space for it. The end result was that Dropbox kept the file in cache, ran out of disk space, deleted the cached file and attempted to redownload the file endlessly.

 

Re: Gigantic spike in download usage. Hacked??

Gdkitty
Resident Expert
Resident Expert

Yeah, i had a friend with the same thing... got a external network hard drive... filled it 3/4 full.
Enabled the cloud stuff on it, not aware that it would try to SYNC... and had exactly as described above.

Thats often where alot of UPLOAD usage can come from.. enabling some form of cloud service, which is now UPLOADING all your stuff up to the cloud.

(and then, usually consecttively DOWNLOADING to another device now that has syncing enabled.)



Re: Gigantic spike in download usage. Hacked??

Sailorman
I Plan to Stick Around

That's for the posts. I'm discounting someone hacking the network unless this can all be done remotely outside of the range of the modem. Mac cloning seems possible. Maybe someone has figured out how to tap into modems remotely and steal bandwidth from random customers? 

 

I live in a single detached house and both my neighbours within WIFI range have their own networks are unlikely suspects to have hacked my network and downloaded 189 gb of data, all in one day. It was a Monday, not even a holiday or weekend. It's just too much data to be a reasonable explanation unless someone has some pretty sophisticated tools and needs. On the cloud side, given less than half-a-gig was uploaded, not likely. I don't use drop box and my icloud account hasn't changed. The loop thing sounds like a possible explanation but the size of the data loop 189 gb leave me puzzled. I wonder if it have could have something to do with the devices talking to each other within the network. Does Rogers count that as downloaded internet usage. The size of the download raises some flags but maybe all the devices syncing photostream might add up to a lot of data.   

 

So still a mystery. Needless-to-say, I check my usage daily now. I wonder how common this is. Any other thoughts much appreciated. 

Re: Gigantic spike in download usage. Hacked??

Some people have claimed that the internal usage counts against it.. but it doesnt.

I have a Desktop, server PC, and laptop.  Most of my downloads happen on my desktop.  I then copy them to the server, and to a network hard drive.  I have done up to 20g at one time.  So desktop to server, and desktop to drive, would be 40g of extra traffic (ontop of the 20g download).  that day should be 60g if it was that way?  Nope. only the 20g download.

 

The usage is not even calculated at the MODEM end as far as i am aware.. its at the head end..


So internal traffic, should NEVER go anywhere near.

 

Only time i could see MAYBE something happening that way.. would be say a streaming device, which was miss configured to maybe look at the external IP rathe than internal.. and the pc to device stream went OUT and back in... but then you would have an UPLOAD and DOWNLOAD both high.



Re: Gigantic spike in download usage. Hacked??

nomadlee
I've Been Here Awhile

I have to post this...Rogers have been very good about my situation and has kept me at ease with the $900 bill.  They mentioned they'd give me a one time pass on the overage.

 

I went on vacation for a week...I left one PC on at home.  3 days later I recieve an email that I've reached 75% of my usage...weird..cause no one is home and we've never reached that limit yet.

 

I instanlty logged on to "My Rogers" to check my usage statistics and was SHOCKED!

 

Daily Usage          Download Usage (MB) Upload Usage (MB)          Daily Total (MB)
August 30, 2014   9,281                                416                                          9,697
August 29, 2014   30                                      5                                              35
August 26, 2014   182,895                           46                                            182,941
August 25, 2014   365,583                           71                                            365,654
August 24, 2014   411                                   68                                            479
August 23, 2014   50                                      61                                            111
August 22, 2014  1,800                                 161                                          1,961

 

I called instantly...and they were unable to remote to my modem to disable it.  Rogers was able to stop the download by suspending my account.

 

As you can see from my week snippit...I left....my network usage dropped then Spiked...it was stopped by rogers on the 26th and I returned late on the 29th.

 

When I returned...I still managed to hit near 10 GIG on the day I returned...something is still going on.  I don't use torrents or subscribe to NetFlix.  Our daily average is about 2-3 GB.

 

I suspect something or someone had hacked into my PC or Modem while I was away and did this.  My biggest concern now is how do I ensure this is not still happening?  And how can I prevent this in the future?

 

I've changed all my passwords(WiFi included), installed the latest and greatest Norton crap on all PCs and I trying out some network monitoring tools.

 

If anyone else has encountered this recently, I'd love to hear about it.

 

Slightly Shocked,

Nomad

Re: Gigantic spike in download usage. Hacked??

I wish I had some wise words of wisdom on this as its becoming all too common to see this happen :(. Here is another link on the forum to similar occurrences although I’m sure there is more than one thread.

 

http://communityforums.rogers.com/t5/forums/forumtopicpage/board-id/Getting_connected/page/1/thread-...

 

and other threads on DSL reports…

 

http://www.dslreports.com/forum/r29426547-Internet-Fight-with-Rogers-over-Internet-usage

 

http://www.dslreports.com/forum/r29499950-Rogers-usage-monitoring-BS-filtering-over-to-TSI-#end

 

Note that in this last thread, Teksavvy uses the Rogers network as a Third Party ISP Access company.

 

Something I would recommend is to swap your modem out in case you are the victim of MAC address cloning, which in theory should never happen.  I'll add a few more comments on this later.  I'm sure that others will comments on it as well. 



Re: Gigantic spike in download usage. Hacked??

The Cisco modem seems the most one in the cases of the MAC cloning.
All in all right now a good idea so swap anyways.

Beyond that... That the pc was on.. Hard to not 100% rule it out.

Beyond the norton, I would also run malwarebytes, as most AV programs only do a so so job of malware scanning.



Re: Gigantic spike in download usage. Hacked??

nomadlee
I've Been Here Awhile

Thanks for the information.  I checked out the other forum postings you noted and it appears that it seems to be a common occurance when people go away on vacation.  Note to self...when going on vacation...unplug router if not being used.

 

I will keep a close eye on my usage...and will most likely take your advice on swapping out the modem.

 

Thanks for the reply.

 

The Nomad.

Re: Gigantic spike in download usage. Hacked??

DM2014
I've Been Here Awhile

Folks - could use your help... I'm seen massive spikes in data usage on my account recently... 724G in one day!, 324G on another!  Rogers keeps telling me it's something on my end.  I watch netflix but its not the main culprit as I have it on medium quality and no math in the world equals 724G of usage in one day.  Laptop is virus free (just checked).  I've powered off the modem while awhile and no traffic during those days so it's not a backend issue.  Have reset modem and changed the password multiple times in case someone was getting in but that didn't fix anything.  Also using "Who's on my wifi" to see what devices are connected.  Trying the "connect only one device at a time solution" next but if you have any other ideas I'd love to hear them!  My usage currently says I'm at $2k in billing and i have another couple of weeks to go... thankfully it caps at $100.  I'm more concerned with figuring out the why as I don't want to keep running into this.  I never use more than 80-100G a month so this is very disturbing.

 

 

Re: Gigantic spike in download usage. Hacked??

Gdkitty
Resident Expert
Resident Expert

Well for now, the SAFEST bet temporarily would be to perhaps call in, and get the UNLIMITED addon.  As its only $10-$15 (depending on your plan, etc), will at least hep cover until you solve where its comming from.  (i THINK it goes till the end of your cycle if its added on now, so i THINK it will cover the overage? Not sure.)

 

THat when its OFF, there is no usage at all... makes me think that its NOT a MAC cloning issue.

All in all, might be still a good idea, to swap the modem anyways, JUST to be sure its not another modem issue.

 

Make sure, to do a good MALWARE scan, as well as the AV scan.  Most AV, only does a mediocre job at malware scanning.  Try something like MALWAREBYTES.

 

Double check, for all possible things which MIGHT be connected to the interenet... phones, smart TV, bluray players, etc.



Re: Gigantic spike in download usage. Hacked??

DM2014
I've Been Here Awhile
Thanks for the suggestions. My laptop is a Mac but it doesn't look like malwarebytes is for Mac. Any others you can recommend?

I've taken everything offline and I'm trying one device a day. I'm thinking it's the Mac or Apple TV somehow - They are the only ones on consistently.

Re: Gigantic spike in download usage. Hacked??

Gdkitty
Resident Expert
Resident Expert

Even though i love my apple products (apple TV, airport express, iphone, ipod, ipad, etc)... i am not a Mac person... so not really sure on malware software for them.

 

One thing i did hear in the past, was on a Mac.. that it got stuck on one of its updates.. and kept rotating downloading that update...

 

Apple TV, etc those are some of the devices that people tend to forget, so a good one to check 🙂