- Joined
- Aug 17, 2014
- Messages
- 1,669
- Reaction score
- 294
theres a damn thingie named The Moon
it infects ROUTERS and makes them donwload an ELF file
redirect connections to 5.104.175.150 8.8.8.8 port 80 and consumes tons of bandwidth
also spams popups in browsers(i have firefox and IE 11)
ANTIVIRUS AND ANTISPYWARE DONT DETECT IT SINCE IT INFECTS ROUTER NOT THE PC
to fix...for now:
reset to factory settings
upgrade firmware
enabled router firewall
change router admin pass
closed remote control(why the fk is that active on routers?)
must be like this in tplink
ACL
for now its working but i need some help from any of you to stop this little thing to spread
and more data about that ip adress its from bulgaria
linksys already "patched" this but thou said theres a botnet involved
i was infected for 1 entire day now i think im clean :glare: but im still not sure
it infects ROUTERS and makes them donwload an ELF file
redirect connections to 5.104.175.150 8.8.8.8 port 80 and consumes tons of bandwidth
also spams popups in browsers(i have firefox and IE 11)
ANTIVIRUS AND ANTISPYWARE DONT DETECT IT SINCE IT INFECTS ROUTER NOT THE PC
to fix...for now:
reset to factory settings
upgrade firmware
enabled router firewall
change router admin pass
closed remote control(why the fk is that active on routers?)
must be like this in tplink
ACL
| Activated Secure IP Address 0.0.0.0 interface LAN DNS Relay use discovered only on Linksys go to administration/remote management and disable it and setup a trusted DNS (DONT USE THE GOOGLE ONES) |
and more data about that ip adress its from bulgaria
linksys already "patched" this but thou said theres a botnet involved
i was infected for 1 entire day now i think im clean :glare: but im still not sure
