Forensic discussion for my hacked home network
Posted on 2014-07-11
Here is a strange thing for you. I went to bed Tuesday and everything in my home network was working well.
Wednesday morning before going to work I want to reply an email. My internet is not accessible from my laptop. I see that my wireless connection is established, but my NIC card is not connected to the Netgear router. The Netgear router is not able to connect with the ISP modem, not obtaining the public IP address.
I came back that day and figure that my Raspberry Pi also does not have connectivity via NIC with the Netgear Router. After checking the Netgear router I see that all its network cards are not able to establish a connection. I called Cox to see if it was them and it wasn’t. I put a second laptop (work) in the network and got the same result no connectivity. I put that same laptop directly to the ISP modem and yes I get to go to the internet this way. So for sure it was not my ISP modem.
Basically all the NICs are affected for the Netgear router, Raspberry Pi and even my laptop.
To make matters worse I purchased a new home router and my laptop now only works with the wireless card to access the internet and it shuts down every ½ hour or so. It shuts down if I do certain things like down load from the web something or try to check this file that I see in the event viewer an “MSS.log”(C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log).
For all this to happen overnight leads me to believe that my systems were hacked somehow.
I will rebuild tonight my laptop and see how it goes. It stinks I lost for now my Raspberry Pi card for my XBMC application.
I think the hack comes from my Raspberry Pi new Add-on repository entry.
Thank you, M