Hacker problem

Idris_PIdris_P CaliforniaMember Posts: 10

I have a hacker problem and he keeps connecting this device to my router from a remote location Mac address is 78:F2:9E:60:22:48 and has also changed his Mac address to the following,78:F2:9E:60:22:50/also 00:05:04:03:02:01/also DA:A1:19:61:89:9E. Fingbox did not alert me to this device only until I did several vulnerability scans nor did it block the device as it says it should.How do I stop this hacker from getting inside my network?


Best Answers

  • vulcansheartvulcansheart Posts: 89 ✭✭✭
    Accepted Answer
    I noticed you're connected to "Xfinity" WiFi. Is it possible you have an unlocked SSID? Comcast uses the default "Xfinity" SSID for their nationwide hotspot coverage using home/business routers. These devices that you see connecting are probably nearby devices that are legitimately connecting to the open hotspot network. Check your address on this map and see if you are listed as an open hotspot:


    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
    CiaraneJony
  • vulcansheartvulcansheart Posts: 89 ✭✭✭
    Accepted Answer
    @Guest159 You stated that you have been dealing with a specific individual that has followed you to a new location, and continues to gain access to your WiFi? If this is in fact true, then you simply need to step up your game. Please visit this thread for some assistance in hardening your home network

    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
  • vulcansheartvulcansheart Posts: 89 ✭✭✭
    Accepted Answer
    @Brettly61, you seem to have had some troubles of your own as you've posted on several other discussions here. Would you like to begin your own discussion so perhaps the community can assist?
    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
    Idris_P

Answers

  • Idris_PIdris_P CaliforniaMember Posts: 10

    Thanks for your response @vulcansheart.I bought my own router after buying fing.So the hotspot functionality is not enabled.the Mac address starting with 00:05:04:03:02:01 has been mysteriously appearing on several different routers.when I received my fingbox and activated it that Mac address and along with the ip I clicked watch.So when I bought my new router and connected it and applied fingbox,fingbox alerted me that the device was in range.so low and behold I happen to see the person that I suspect of hacking my router on his motorcycle and sped off after I blocked the device.

    T_I_75
  • pwmeekpwmeek Member, Beta Tester Posts: 96 ✭✭✭
    <snip>. Check your address on this map and see if you are listed as an open hotspot:


    That map is seriously incomplete. I can see a half dozen open "xfinitywifi" hotspots in nearby apartments which are not shown on the map. I would not depend on this map to check whether my own Comcast modem/gateway/router/wifi box was open or not.
    --Pete
    Bon Vivant and Raconteur
    Idris_P
  • OrangeBucketOrangeBucket Member Posts: 10
    edited December 5
    A brief trawl suggests 00:05:04:03:02:01, which I believe tends to be associated with x.y.z.254 addresses (varying with your configuration), is normal for your brand of router. I saw it suggested that it is associated with the ability to plug in a POTS analogue phone to use with VOIP. Does that make any sense in your case?

    With regard to the other addresses: 78:F2:9E:60:22:48/50 are assigned to Pegatron (the other address is a Google device) and could easily be a pair of interfaces on the same device. For example, some devices use different MAC addresses for 2.4G and 5G Wi-Fi. Have you definitely eliminated everything you own? Nothing with anyway similar addresses? Remember that it doesn't have to be configured for IP. For example I have a Wi-Fi extender that my router shows as connected that doesn't have an IP address associated with that MAC, but does with a virtual version of it. Nothing like Powerline adapters or anything floating around doing their own thing?

  • Idris_PIdris_P CaliforniaMember Posts: 10

    @OrangeBucket Every device that is mine I have on file.If I ever get a new device I first take down the information properly.When I connect the device I then make sure everything is accurate.I am the only one who uses my network and only have 3 devices connected.A smartphone,fingbox and my ps4 excluding the router Mac addresses for 2ghz and 5ghz @OrangeBucket I respectfully appreciate all your input on this matter.

    As far as Mac address 00:05:04:03:02:01 disappeared after buying a new router and it never reconnected,it showed as in range and alerted me.I then blocked the device and that was when I was 💯% sure that the device was in no way associated with my router.Everytime I would change either my router password, SSID name etc the same individual will drive back into my neighbor Hood and park within range and do his dirty work.I will go outside and then the person will hurry and speed off so that I can't catch him.

    When I lived at another location I dealt with the same situation and most likely the same individual.And repeated random devices would connect to my router within ten min after changing all passwords.I always had the hotspot disabled while using an Xfinity router.

    T_I_75
  • vulcansheartvulcansheart Member, Beta Tester Posts: 89 ✭✭✭
    pwmeek said:
    <snip>. Check your address on this map and see if you are listed as an open hotspot:


    That map is seriously incomplete. I can see a half dozen open "xfinitywifi" hotspots in nearby apartments which are not shown on the map. I would not depend on this map to check whether my own Comcast modem/gateway/router/wifi box was open or not.
    You disagree that there is value in knowing if your wireless network is a published hotspot? It's good that your neighbors aren't on the map. The less accurate it is the better if you're trying to stay hidden...
    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
  • nakedpwrnakedpwr Member, Beta Tester Posts: 1

    vulcansheart - hey man that was actually really good read!

    Ciaranvulcansheart
  • pwmeekpwmeek Member, Beta Tester Posts: 96 ✭✭✭
    pwmeek said:
    That map is seriously incomplete. I can see a half dozen open "xfinitywifi" hotspots in nearby apartments which are not shown on the map. I would not depend on this map to check whether my own Comcast modem/gateway/router/wifi box was open or not.
    You disagree that there is value in knowing if your wireless network is a published hotspot? It's good that your neighbors aren't on the map. The less accurate it is the better if you're trying to stay hidden...
    No, I said that using this incomplete map is not an accurate way of detecting whether your own Comcast modem/WiFi is a public hotspot. I certainly believe that you should know about your own network; just that this map does not tell you the condition of your own Comcast Modem/WiFi.
    --Pete
    Bon Vivant and Raconteur
  • vulcansheartvulcansheart Member, Beta Tester Posts: 89 ✭✭✭
    edited December 6
    Edit*
    Comment double-posted for some reason.
    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
  • Idris_PIdris_P CaliforniaMember Posts: 10

    Thanks for the feedback @vulcansheart and others.

    I thought I was stepping up my game in a way by purchasing my own router and purchasing a fingbox because it stated that it stops hackers.All steps to harden my network I took a while back.Making sure my firewall is up etc. Disabled upnp and disabled WPS change default password to a strong password with the full amount of characters it will allow.Not broadcasting my wifi name with a string password.

    This individual is bypassing everything and is going straight to the router and then attaches a device to it and then routes my traffic to him.

    Then I start seeing altered webpages and content that I am not even looking for.I don't save passwords to browsers anymore and only way I noticed to prevent entry is to constantly changing the router password or simply turn off my router when I'm not using it.

    I believe this person will and at any means research any router I purchase and any device for defense will search and find flaws either a webpage itself,app and device.

  • Brettly61Brettly61 Member, Beta Tester Posts: 5

    I wanted to comment on this guy’s hacker problem. I’ve been in your shoes. For over 14 months, I was plagued with a hacker. I had one of Xfinity’s Arriss routers’ completely comprised by a hacker. This punk, I assumed based on the hours etc he was active that he was a student in or a neighborhood kid. He locked me out of my own router changed the passwords and hardened the firewall. And he erased the Bios on my laptop somehow costing me a new computer

    When the Comcast guy brought me a new router, he basically confessed that simple HomeNetworking is full of local area hackers trying to get your bitcoins and credit card numbers. Over a year later, and some very active vigilance on my part, the creep went away after he stole my credit card number and rang up a bunch of apps at the App Store.

    I just have had be thing to say to young people that this is not a game. It not ethical hacking. It’s criminal. And i am keeping logs and and running zenmap and wireshark and narrowing down where you live. And I was less than 30 meters - in any direction- close to catching a criminal who stole from me, trespassed onto my virtual property, changed my setting and cost me a lot of sleep.

    These hackers need punishment and the ISP’s of the world need to stop brushing the Home Networking customers off.

    I hope it goes better from here

    Idris_PBoombies
  • VABelleVABelle Member Posts: 16

    Same here & it’s been going on for years. I’ve moved 3 times and it’s only a matter of days before Hacker is back in, although in my case it’s not to steal credit card information. I have found tiny holes drilled in the bathroom & bedroom; security cameras turned off & on, and footage even erased. Sometimes he goes into my accounts & turns off auto-payments, or changes admin passwords; turns off the notifications on my apps like Xfi and even hacked my security system apps and turned the alarm off. The police won’t (or can’t) do anything without proof or evidence. The only thing I can think is the dark web is teeming with equipment that breaks through most security measures and only the most astute Geek Gods can keep them out. It’s a game, an adrenaline thrill, a challenge for the diabolical genius hackers who make destroying other people’s lives their main goal. Maybe it’s a club where they have challenges and contests, and share their methodology. They probably take a blood oath.

    ISPs need to do more to protect their customers, that’s all. The Fingbox is a good start but more needs to be done.

Sign In or Register to comment.