A node on my network was participating in the attacks. My stepson got a new phone recently and for the first time I allowed him to attach to my wireless network. This past week my wife and I were away at a conference. On Thursday morning I started to get email warnings from my network that a MAC address I didn't recognize was attempting to access several websites flagged as malware sites. I had recently added one more computer to the network for him to use so I assumed it was that machine. I forgot about the phone. On Friday morning the packets increased just before we were getting on an airplane. I found out about the attacks during our layover in Atlanta. Neither the hotel nor airport wireless access was fast enough for my VPN remote access to my home to stay connected well enough to shut the network down. That is a problem that has been vexing me for a while now. We kept calling him to tell him to shut off that computer but it was going straight to voicemail.
Apparently on Wednesday evening he went to a small party. He plugged his phone in to charge it and left it there unattended and left the party for a couple hours. When he returned there was a kid there with a laptop in a bag and my stepson thought people were acting funny around him.
Like I wasn't paranoid enough already. They definitely installed some script kiddie **** on his phone. Unless they were complete idiots they got my wireless password out of the phone. It was easy enough to wipe the phone, toss the SIM card, and change the wireless password. I do use random passwords everywhere even within my home network. I'm sitting here shaking trying to figure out if I need to wipe everything. That would take months to recover from. They could have had two days' access into my network using the password and MAC address from the phone. Passwords not protected by access limits could have been easily brute-forced in that time.
The human link is always the weakest.