DNS server changed automatically to
192.200.110.106
I have same problem on one device, the same IP address in DNS. Maybe Bug?DNS server changed automatically to
192.200.110.106
what malware ?name?More likely the same malware.
dam! i thought i'm the only one. currently running v6.39.3 x86 routerOS. it's the log i exported out, the day of the attack is yesterday. i noticed today, when someone complaining that DNS didn't work. i change my password now, let's see if i get another attack.No malware. Vulnerability. I believe it is this one: viewtopic.php?f=21&t=133533
There were reports from several users claiming same result - changed DNS after unknown admin miraculously "guessed" password and logged in remotely (for example viewtopic.php?t=134793 )
However, it might be something new... hopefully not. Mikrotik had already too much bad luck this year
There is your problem! You should update it!dam! i thought i'm the only one. currently running v6.39.3 x86 routerOS.
You are running vulnerable version, so no surprise that someone can change your settings when they can get all your usernames and passwords.
It was mentioned in this topic, upgrade, change passwords, add firewall...
viewtopic.php?f=21&t=133533
There is your problem! You should update it!dam! i thought i'm the only one. currently running v6.39.3 x86 routerOS.
And another thing: you should fix your firewall so people cannot login from internet.
Allow login only from your local network or via a VPN when that is not possible.