PDA

View Full Version : WPA2 wi-fi hacked by neighbour....I think.



FredaYimp
09-24-2013,
Firstly, I'd just like to introduce myself to the Community here. This is my first post. Hi. Nice to meet you all.



I'd like to share an experience that I (think) I have just been through regarding wi-fi security. An experience that has kind of left me feeling rather 'invaded' in my own home. But the worst thing about it is, is the actual uncertainty I am currently feeling as to whether it actually HAPPENED - or not! I just need to know, has my wi-fi been hacked? - or not? That's why I joined here today, I was just hoping some of you more knowledgeable guys and girls out there could confirm for me one way or another. So here's the story....



Re-wind back to end of May this year. Bank Holiday Monday at about midday..........I was sitting in my front room happily minding my own business watching the tele with a bacon sarnie in one hand and a mug of hot tea in my other when I noticed two pretty flash-looking cars pull up outside. Nothing too unusual there, but then one guy got out holding an I-pad or similar device and APPEARED to be using it to film the other guy......... who appeared to be filming his own slow journey down my street from inside his own convertible car.



Now, here's where it gets interesting...... from my perspective at least......(The first thing to mention is that I live at the end of a cul-de-sac in a fairly affluent area of a London suburb). The guy that was out of his car holding his I-pad (or similar machine) MADE A POINT of standing in every driveway in the cul-de-sac where I live, or directly in front of EACH property for a couple of minutes at a time, whilst he was using his device. The other guy in his convertible car was coming down the close at a crawl, also using his tablet/pad whilst driving.



Naturally, these going's on got a few neighbour's curtains twitching, but I was the only one who actually went out to confront these two guys as I was pretty peeved to see this guy standing on my driveway, as he had been doing on other driveways too! The outcome of this?.......I got told to **** off back into my house (well not my house - my mother's! lol) as they were doing a 'filmshoot' of each other and that it was no good taking down their car's licence plates because they were stolen! So - at that.... I just cowled (pretty cowardly, tbh) back indoors and watched them from the front window, where they continued their antics of standing in driveways for about another 5 mins before finally leaving. YES....I was pretty scared by this. They were both big lumps of men and I certainly wasn't going to get into any sort of physical altercation with them because.... a, they knew where I lived and.... b, they seemed pretty villainous characters, were WAY bigger than me!



Anyway, fast-forward several months.......Although not forgotten, my initial shock, intimidation and curiosity at what these guys were doing died down after a few weeks, and I kinda got on with my summer........



That was until last week when, after putting up with what I considered was pretty darn slow internet speeds at certain times of the day, especially during evenings and night, I was horrified when I noticed 600-700 megs of data were being clocked up on my router's data meter.....during the night whilst I was sleeping (obviously, I haven't been switching off my wi-fi at night. Silly me!). This happened on 3 consecutive nights.



I didn't know what the hell to make of this! I'm not particularly tech-minded. So I asked myself, "Is this normal?" Should my router be sending out data like this during the night, even when I am not online and my pc is OFF?? And I have NO OTHER devices in my house to feed off this data anyway. Is 700 mb a lot - or not?? Then I stopped to think about it for a moment........700mb is enough darn data to fill a blank music CD, so YES.....that must be a heck of a LOT of data, considering I am not connected to the internet at THAT particular time!



So, after following the necessary instructions and managing to reset both the Admin password and Wireless one too about 5 days ago, I was delighted (but kinda horrified at the same time!) to see that NO DATA WHATSOEVER was now being used during the night when I checked my data-meter next morning after waking. My feelings were mixed because I was delighted to see I'd stopped it happening, but I was horrified because the reality kinda hit me that it was highly likely someone had been hacking my connection, and what for, heaven only knows!!



And where do the two guys in the cars fit in to all this?..........



Well it just so happens that one of them moved in to my street at the time of the incident at the end of May. I found out from another neighbor that he is renting a properly about 50 meters away.



Maybe I have put 2 and two together here and come up with 7, but you know when you just get this gut-feeling?? (or should I say - 'GUTTED' feeling!)



So folks, thanks for reading this if you have managed to........ without falling a-kip. lol !.....Maybe all pretty boring and that you might have heard it all before, I really don't know. But the whole thing has kinda freaked me out a bit.....more really because of the UNCERTAINTY of thinking, 'HAS this REALLY happened to me??'



IF any of you already-existing members would like to comment on what YOU think has happened here, please feel free to do so.....even of you think I am being a paranoid tw*t........It will only serve to put my mind at rest......because 'a paranoid tw*t' is how I feel right now!

FredaYimp
10-02-2013,
Hi robby501, it sounds to me like you really had been cracked at that time, and that these men were looking for wireless networks that they could crack their way into.



You probably retained your default password, which you have now changed. That will increase your security no end.



Are you able to contact your ISP and advise them of the incident? Even though there may not be a cost implication, the worry is that these downloads might not have been stolen music: they might have been illegal photographs and images or other illegal activity. It's worth getting your ISP to record that you've had an incident involving unauthorised access to your wireless network, and that you have taken steps to prevent it.



The fact that these men were abusive when you confronted them raises a huge red flag.

Jessemann
10-10-2013,
Bloodyhell.

Reading this has sent a shiver down my spine - but thanks anyway. I needed to hear this for my own sanity and peace of mind!

I actually made a couple of posts previously about this on a BT forum. https://community.bt.com/t5/Other-Broadband-Queries/WiFi-hacked-how-can-I-report-it/m-p/1408135#M97096 , but to be honest, the answers I received were nowhere near as helpful (and blunt to the point!) as yours!

As you correctly assumed, I have been using the 'factory' password on my wi-fi ever since it was first installed back in April '13. I kinda overlooked the whole password/security issue after reading somewhere that WPA2 is supposedly 'safe' (something to do with a '4-way handshake' encryption system if my memory serves me right?)



In fact, I even got told previously that it would be not much use to report these 'goings on' as it is a FAILURE on my part because I am responsible for my own wi-fi security at home.



Since this is an issue which I have only been monitoring with any great eagerness during the last week (since finding out), I have researched the basics of doing a 'start>cmd>ipconfig' search to see if anyone is stealing my wi-fi, but as far as I am aware, doing this will only give me the IP's of those who are riding my network AT THAT GIVEN TIME. So my question here is that.... is there any way I can check out my BT router's IP HISTORY to see the IP's of any foreign computers/devices that have previously had connection to my wi-fi going back over the last few months??



Thanks for advising me for the need to contact my ISP. It kinda confirms to me what I already knew. However, I will need to hand them some sort of evidence I guess, won't I? Just saying that I 'think' someone has hacked into me is not enough, I presume? Or will they then be obliged to look into this further on my behalf?



So yes thanks.....you made me realize the NEED to report this now....my only reservations being is that I am not quite sure how exactly to go about doing so at this moment in time?



I'm pleased I joined here today!

Jessemann
10-18-2013,
Hi robby501,



WPA2 is safer then protocols such as WEP, or not having any password, as well as you are correct about WPA2 using a 4-way handshake to help verify your identity to the router. Unfortunately with the right knowledge this handshake is incredibly easy to capture. Once that has been accomplished it is a simple, although possibly time consuming, task to preform what is called a dictionary attack. Essentially the way that this works is that the attacking PC uses a list of common and default passwords and just randomly guesses until it gets the correct one.



The simplest way to prevent something like this from breaching your security is to ensure that you use a strong password. This applies not just to your home wifi but to any passwords you make online or anywhere else. A good rule of thumb that most websites enforce is to have a minimum of 8 characters, at least one upper case letter, one lower case letter, one number, and one special character. In addition you should try not to use actual words. While Passw0rd! meets the requirements it is something that people will think to try and will likely manage to gain access to your account.



As an added layer of security at your home ensure that you are using a strong password on both your router and your PC. Even if someone gains access to your network you can still make it difficult for them to gain access to your PC this way.



Like Angoid said I would certainly recommend reporting this to your ISP even without solid proof just so that they have something on record to help keep yourself covered.