mikrotik hacked

acidu · January 14, 2017, 3:05am

does anyone have seen this login web page?

-only ip service that was allowed was winbox 8291…and still they manage to break it and reflash it with other staff, now I could not connect to it by winbox, my vpn connections to it does not work, could not see it in neighbors…so yes.. it has been hacked and firmware changed…it still has it`s public Ip because it responds to ping, why it seems so easy to break a mikrotik ? and then install what ever you want on it? for what purpose are they doing this…using now the router for what?

if anyone know more about this issue I will be glad to hear from them
thank you

eworm · January 14, 2017, 4:06am

Looks like login interface for Hanbang video device. Are you sure this is your Mikrotik?

Rudios · January 14, 2017, 6:56am

I vote for unknown port forward!

savage · January 14, 2017, 7:42am

Well, given the URL in the browser (.aspx), it definitely doesn’t look like a MT device yes.

juliokato · January 14, 2017, 2:26pm

This is a hotspot setup redirecting external web server authentication page.

acidu · January 14, 2017, 11:18pm

thx for replys… indeed was a dvr login webpage, someone modified elseware the asignament of the public ip

pffff not a mikrotik hack…but someplace else was a hack!

thread can be closed now.

Thank you