a week ago - last edited a week ago by RogersJermaine
I've had a problem with my router for some time now like changing the password form time to time on its on and settings such as wps turning it self back on and remote access settings changing on its on I've reset it time and time again I've changed password local ip and also keep getting unknown devices connected and when I search the Mac address online I get unknown address everytime I'm wondering if it's possible that it's been flashed with a hacked firmware or if it's maybe it's had like an e prom or n prom done to it and how could I know or fix this problem my internet cuts out all the times it's blocked devices on it's on I've had my bank account some how 1100 dollars in debt and it seems all I get from Roger's and ramp is change password ect... I've done this with no luck changing anything I also have had 4 Facebook and Gmails taken
***Edited Labels***
Sunday
@Edward1945 What router do you currently have and when was the last time that your vendor issued security (or any firmware) update?
If you suspect that any piece of equipment has been compromised, whether it is a computer or networking gear, stop using it and disconnect it from the network.
If you specifically think that your router has been compromised, disconnect it and use the Rogers-provided Ignite Gateway.
Normally, routers should be pretty resilient to attacks. However, if a vendor's security practices are lax, their products can get compromised en masse.
If the router is cloud-managed and your management accounts gets compromised, the "bad guys" can push out configuration changes, such as changing passwords, enabling remote access, or changing DNS settings to servers under their control, where they can redirect connections for legitimate sites to fake sites that steal your login credentials. (This happened to Linksys and D-Link customers just a few years ago. Sometimes, even well-known vulnerabilities can go unpatched for years.)
There are also countless products out there that are dangerous to use because they have well-known, unpatched vulnerabilities and their vendors have abandoned those products and no longer offer any software updates:
https://therecord.media/dlink-devices-exploited-vulnerabilities-cisa
https://www.tomsguide.com/us/home-router-security,news-19245.html
Products can also get compromised if their vendors have lax security practices. If their build environments get compromised, "bad guys" can introduce security vulnerabilities into their products, unbeknownst to anyone. They can fall victim to supply chain attacks, where they unknowingly introduce vulnerabilities by putting too much trust (and inadequate vetting) of third-party software modules. It's also bad when they accidentally leak VERY sensitive information (such as signing keys) onto public GitHub repositories.
Here's another case of something really bad happening: https://arstechnica.com/security/2024/05/mystery-malware-destroys-600000-routers-from-a-single-isp-d...
Lastly, if any device in your home gets compromised, whether it is your computer or IoT smart devices, it can allow attackers to obtain persistent access to your internal network that they can then use to attack other vulnerable devices.