WRT1200AC and home network hacked

My home network had been hacked recently, and everything you can think of has been compromised. I am currently trying to upgrade/hard reset the firmware for my WRT1200AC router as a start because I believe the hackers have been running a proxy from between my modem and router.

Upgrading using LuCI will not erase any of the config files, and I am unable to reset any of the root files in my router. Attempting a hard reset using

umount /overlay && jffs2reset && reboot now

gives me

/dev/ubi0_1 is not mounted
dev/ubi0_q1 will be erased on next mount
writing dev/ubi0_1 failed: Bad file descriptor.

Please advise on how to proceed.

If you already have OpenWrt installed, you can go into failsafe mode and then initiate a system upgrade using the command line after you have uploaded the necessary firmware files into /tmp.

Here is a link on upgrading from the CLI.

Are you running OpenWrt? What version? Did you have anything of note installed or configured differently than a standard/default configuration?

Before you reset and erase it, make a backup of the current configuration so that we can look at the files to see if anything is wrong.

All of that said, is there anything specific that makes you believe that it was the router itself that was hacked, rather than some host behind the router (which could have been infected with malware via some other vector)?

The upgrade procedure can keep your current settings, or can erase them.

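The CLI route suggested in the replies above (archive the configuration for review, then reflash without keeping settings), written out as an added example that is not part of any post in this thread. It assumes a stock OpenWrt shell with `sysupgrade` and `sha256sum`; the function names, the `DRY_RUN` switch and the file paths are hypothetical.

```shell
#!/bin/sh
# Added example: back up, verify and clean-flash an OpenWrt router from the CLI.
# Function names, DRY_RUN and all paths are hypothetical; sysupgrade's -b, -T
# and -n options are the stock OpenWrt ones.

# With DRY_RUN=1 commands are printed instead of executed (safe rehearsal).
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# Succeed only if the image's SHA-256 matches the checksum published on the
# download page; a mismatch means a corrupt or tampered download.
verify_image() {
    vi_image=$1; vi_expected=$2
    [ -f "$vi_image" ] || { echo "no such image: $vi_image" >&2; return 2; }
    vi_actual=$(sha256sum "$vi_image" | cut -d' ' -f1)
    [ "$vi_actual" = "$vi_expected" ] && return 0
    echo "checksum mismatch for $vi_image" >&2
    return 1
}

# Step 1: archive the current configuration for later review.
# In failsafe mode, run mount_root first so the saved config is visible.
# /tmp is RAM: copy the archive off the router (e.g. with scp) before flashing.
save_config() {
    sc_out=${1:-/tmp/config-before-reset.tar.gz}
    run sysupgrade -b "$sc_out" && run tar -tzf "$sc_out"
}

# Step 2: flash without carrying any settings over (-n), so the old
# configuration is not restored. The image is checked twice: against the
# published checksum, then by sysupgrade's own test mode (-T).
flash_clean() {
    fc_image=$1; fc_expected=$2
    verify_image "$fc_image" "$fc_expected" || return 1
    run sysupgrade -T "$fc_image" || return 1
    run sysupgrade -n "$fc_image"
}

# Typical session on the router (values are placeholders):
#   save_config /tmp/config-before-reset.tar.gz
#   flash_clean /tmp/firmware-sysupgrade.bin <published-sha256>
```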