There is a web-based virus on mikrotik. When clients type address, it says "your connection is not hidden" NET:ERR_CERT_AUTHORITY_INVALID"
Then try to reload, it redirected to sohu.com address. Anyone else had trouble with this? Or how can i fix these?

Are you sure taht it is Mikrotik problem? Have you tried other router?

When I search for sohu.com I find this:

viewtopic.php?f=2&t=68290&hilit=Sohu.com

Perhaps your router was compromised and an attacker is intercepting your DNS.

Are you sure taht it is Mikrotik problem? Have you tried other router?

Totally sure, other router has no problem like this. Only mikrotik connections are being effected.

Perhaps your router was compromised and an attacker is intercepting your DNS.

I can connect couple websites, not all of them. Also, on Apple devices, it redirects to a fake apple security (apple id) page.

What is DNS setting for these clients?
What is DHCP server setting in Mikrotik?
Are you sure that router redirects pages?

If you let the web into your mikrotik, anything is possible!

Follow these instructions................
https://wiki.mikrotik.com/wiki/Manual:S ... our_Router

What is DNS setting for these clients?
What is DHCP server setting in Mikrotik?
Are you sure that router redirects pages?

Clients uses Google DNS (8.8.8.8 and 8.8.4.4) Also, changed to another DNS but still same issue.
DHCP Settings: 10.10.24.0/20

I don't sure about mikrotik redirects pages. But it's being affected by only mikrotik clients on the WAN. The other networks are not affecting. Clients can uses instagram, whatsapp,youtube etc. applications on their devices. Only most of HTTP and HTTPS redirects.

Is this issue address? I have same issue like this and i keep resetting the device which is not good.

Any update on this issue? this is so prostrating. Mikrotik need to address this issue.

Check this: viewtopic.php?f=21&t=134776
Do you have updated ROS?

Download the software upgrade for the OS. Remove your router from the internet, Upgrade your OS to the latest version, change all your passwords, do not use the same ones you used before and change the admin name as well.
And use the links provided to better secure the router. Dont allow external connections to the router itself and if you have to use VPN tunnels.

OP please post your current running config. This may be something such as a DNS hijack but could be significantly worse if your router is genuinely compromised.

So this means Mikrotik is easy to hack than other router devices. I only experience this one in mikrotik device, and how come when resetting it will fix the problem and back again after a month? fyi password has been change already.

MikroTik already addressed this issue in all release channels. Just upgrade to the latest version, set a new password and check your configuration to be sure.

If you continue having problems despite upgrading, send supout.rif to support.