Someone keeps hacking my wifi router

networking wireless-networking router security android

7,714

If you suspect your router is compromised

There are a couple things to consider,

If someone cracks your Pre-Shared key (WPA2-PSK), most peoples response when they suspect someone has gained access to their network is to immediately log into the web gui or telnet in to see whats going on.

This isn't a good response, as telnet sends credentials in plain text across the network, as does HTTP. The Attacker may be able to sniff your administrative password, then create a remote backdoor through the internet. if you changed your password after you suspected foul play on your network, the attacker could easily log in through a cell phone data connection to your administrative gui and see what you changed your WPA2 password to.

The proper response.

Unplug the power from the router.
Remove the Antennas temporarily if you can.
(if you cant, wrapping them in aluminum foil will dampen the signal significantly)
Plug into the router VIA Ethernet.
Factory Reset the router per your devices instructions.
after device boot, immediately log into the router.
Change the Administrative password.
(16 digit Alpha-numerical with uppercase lowercase and special characters) avoid using words that are found in dictionary's.
Disable WPS!
Change the WPA2-PSK & use AES only.
(no less than 16 digit Alpha-numerical with uppercase lowercase and special characters) Avoid using words that are found in dictionary's. Example: "L1nksTr1-F0rc3$@v3sZe|da~!"
Disable telnet, use ssh if possible.
Disable HTTP login, use HTTPS.
Update the firmware on your router.
Install antennas again, or remove aluminum foil.

That's pretty much it. The problem has become pretty serious. It used to be if you wanted to try and crack a password, you would have to setup your own distributed processing network using "pyrit" or similar hashing programs to test password hashes.

There are now websites available to crack simple to very complex passwords. you pay a couple fractions of a bitcoin, and they use massive networks of GPU Hashers to retrieve a password for you.

This has put hacking back in the realm of Kiddie Scripters, and people who would not have previously had this kind of processing power available to them. A simple google search should find plenty like this.

You have been warned!

7,714

Author by

Taimoor Khan

Updated on September 18, 2022

Comments

Taimoor Khan over 1 year

I have WiFi router at my home, and I have set the WPA2-PSK security on it. I set it with a strong password. My neighbour has repeatedly hacked my wifi, and I don't know how he breaks my security measures to retrieve my password.

He uses my WiFi on an android phone. Are there any android apps that he could use to break my router security and steal my WiFi password? could anyone tell me how the heck he always hacks my password whenever I change it?

Could someone please provide advise to secure my home WiFi router?
- alex.forencich about 6 years
  
  How do you know that your neighbor is using your wi-fi?
- LPChip about 6 years
  
  How many characters is your WiFi password? Just a complex password of 8 characters is not that secure nowadays anymore. For example: AoVd3Zb6 is not secure, but MyVerySecureWifiPassword642 is very secure.
- Taimoor Khan about 6 years
  
  i check in my router statistics, he is using the same mac address as my mobile, when I turn of my wifi, he is still connected, I don't how he has got my mac address and changed his mac address to my mac address. I have changed wifi password so many times but still he manages to get my password and connects
- acejavelin about 6 years
  
  Make sure you are using a 16+ character password, with all 4 character types, and WPA2 AES encryption. Also, change the admin password on your router to something more secure than the default. Does he have physical access to the router?
- Taimoor Khan about 6 years
  
  @acejavelin no he has no physical access to my router, and also I have changed the admin but yet I am failed
- AFH about 6 years
  
  There are lots of security options, depending on your router model, eg you can use MAC addresses to control WiFi access.
- acejavelin about 6 years
  
  WPA2 AES with a secure password is extremely difficult to crack. The fact that your MAC address shows in your router after you disable the WiFi in your device is not sufficient reason to suggest someone else is spoofing your MAC address, unless you are rebooting the router while the WiFi is REALLY off (remember that Android devices will still use WiFi in some cases even if it is off, it's called WiFi Scanning).
- LPChip about 6 years
  
  Also, be careful not to auto connect to your wifi in case you lose connection. One of the ways to hack wifi is by creating a replica of an existing wifi to make clients that know the password connect to their wifi instead. This will not give them your password, but it will give them a handshake they can use to crack. And in order to solve this, you need a secure password of 16+ characters.
- LPChip about 6 years
  
  Also, hiding your SSID + new password is a great way to protect your network against hackers.
- Taimoor Khan about 6 years
  
  @acejavelin my neighbourer is my friend, today he was sitting next to me and was using wifi, so I turned off my wifi but the statistic was still showing my mac address, then I took his phone and turned of his wifi then I checked the statistic so there was no device connected to my wifi, and then I secretly I checked his mac address so he had the same mac address as mine, thats why I asked the question
- Taimoor Khan about 6 years
  
  and also I saw some hacking apps in his android phone
- acejavelin about 6 years
  
  Change your WiFi name and password, make it hidden (do not broadcast SSID)... Or threaten your neighbor with legal action, hope you took a picture of his phone showing your MAC address. Or maybe just have a serious talk with them about the issue. If he is your "friend" he should do the right thing.
- Tim_Stewart about 6 years
  
  @acejavelin, no one mentioned WPS, it doesn't matter the complexity of the WPA-2 PSK passwords if this is enabled. Wps-pixie can crack the WPS pin on vunerable routers in seconds, in turn giving you a 16-24 character password in mili-seconds. Disable WPS! It's totally broken.
- Taimoor Khan about 6 years
  
  WPS is disabled in my router
- Tim_Stewart about 6 years
  
  Also, trying to hide your SSID does nothing. It's revealed to anyone sniffing in monitor mode.
- Tim_Stewart about 6 years
  
  And if he has already gotten access through you routers web gui, he may have a back door. You need to factory reset your router. Change the admin password to a complex one. Disable WPS, and make your wpa-2 password extremely complicated. No less than 16 alpha- numerical, with uppers and special characters.
- Taimoor Khan about 6 years
  
  @Tim_Stewart in your knowledge are there any android applications that can be used to hack some one router or password ?
- Tim_Stewart about 6 years
  
  Yes, it's based off of specific models of routers. I believe some Belkin's and other models have this security hole. See "router keygen" in the app store
- Taimoor Khan about 6 years
  
  @Tim_Stewart I am using tp link router
- Tim_Stewart about 6 years
  
  You can download that app for free and see if your router is vunerable, there are other apps, I haven't checked them out. I can confirm that one does infact work on some routers. But these security holes usually rely on you leaving your router at default settings. Change from defaults, make your attacker have to try and bruteforce 16 to the power of 62 or more. Even if he has some massive GPU hasher, it would take him years. And if your still worried about it. Change your complicated password every quarter.
- Jan Doggen about 6 years
  
  Taimoor, please update your question with the answers you give in comments - questions should contain alle relevant information, because comments can disappear.
- pythonian about 6 years
  
  @TaimoorKhan - From your description, when a device leaves a wireless network, it usually sends a disassociate packet to the Access Point (AP) so that the AP clears out its station table. In some instances, some mobile devices leave without saying goodbye (meaning they don't send a disassociation packet to the AP). In this case, the AP will keep the device in its station table for the duration of the inactivity timer and then the AP will clear it's own table. Could it be that the Mac Address of your mobile device is actually not your neighbor, but instead residue of your own mobile device?