Mikrotik router hacked?

Hammer · July 30, 2018, 4:42pm

I have about 20+ Mikrotik routers in use. For almost all (but not all) all firewall DROP rules are disabled! have only noticed it now because a provider has turned off an Internet connection (DNS Server). Nothing was changed, no passwords changed or user created. The devices have different Internet providers and no commonality.

Can it be that all devices were hacked same Time? Has anyone ever experienced that? Can it be a malfunction?

The devices have different firmware versions, so it’s not that only older ones are affected. Sure, you can increase security, but the configuration is not insecure or faulty.
FW MK.PNG

Muqatil · July 30, 2018, 4:45pm

https://forum.mikrotik.com/search.php?keywords=mikrotik+hacked
A 0.1 seconds search will give you an insight of the issue. Without opening yet another topic that is going to be moderated like the others.

Issue was fixed in March already.
https://blog.mikrotik.com

Upgrade to 6.42.3
Change password after upgrade (not before)
Implement a good firewall

Hammer · July 30, 2018, 5:46pm

#§%!?+!.. ok, sorry for double post.

Thanks Hammer