Raspberry pi 3b hacked need help

Concealedfox70 · Fri May 04, 2018 12:01 pm

My Bluetooth greyed out and I couldn't control it. I have had confirmation from other companies that what's going on is real so please do not comment if that is how you feel. I have reinstalled rapberrian is that all I have to do? What about like a cmos reset? Can it be done? Bluetooth is working after reinstalling.

Fri May 04, 2018 12:03 pm

If you have re-imaged your SD card, then you have effectively started from scratch. There is no other memory on the Pi you need to worry about.

RaTTuS · Fri May 04, 2018 12:05 pm

remove all portforwarding to your RPi
reinstall raspbian
change default password for raspberry
install and upgrade everything
re-install port forwarding stuff

what did you leave open

Concealedfox70 · Mon May 14, 2018 12:58 pm

idk it was stock raspbian with little apps installed all updated and no settings that could have done it changed. when it happened a peculiar wifi name came up as 000//000//000// and so on. i think my neighbour did it he got kicked out shortly after i reported it to police. his wifi name was "i am watching you" for the longest time. that wifi name is gone now thats how i figure it was the same guy

but i appreciate the advise i know now ill be good with a reinstall. how do i close the ports as you guys mentioned?

Heater · Mon May 14, 2018 2:43 pm

Have you changed you Pi password? If not do so.

If you have already connected to the internet with the default password then:

1) Put another fresh Raspbian image on your Pi. The one you have may already be compromised.
2) Do not connect to the internet.
3) Change the default Pi password.
4) Better still create a new user for your Pi with a nice password and remove the Pi user.
5) Now you can connect to the internet.

W. H. Heydt · Mon May 14, 2018 6:39 pm

Concealedfox70 wrote: ↑
Fri May 04, 2018 12:01 pm
What about like a cmos reset?

There is no CMOS or any other form of writable BIOS on a Pi. The only storage on the chip is ROM and cache. Anything in the cache memory goes away when the power does. The equivalent data to a CMOS BIOS is the file "bootcode.bin" in the FAT partition of the boot device.

jbudd · Mon May 14, 2018 7:57 pm

how do i close the ports as you guys mentioned?

Port forwarding is set up on your router.
Usually you access the router admin by a web page at the router's ip address, eg 192.168.1.1
You can check your router ip address with the ifconfig command on the pi or ipconfig in a Windows command window.

If your pi, or perhaps your router did get hacked, you should check the user accounts on your other computers and change all passwords, including your WiFi one.

Maybe a factory reset on your router is a good idea too, but make sure you know the settings to reconnect to your ISP. And check if there are any firmware updates available for it.

jbudd · Mon May 14, 2018 8:04 pm

ps. I opened port 22 on my router (a Talktalk one, think it's a D-Link inside).
When I switched that port forwarding to "inactive" and rebooted the router, port 22 was still open.
You should delete the port forwarding rule not just switch it off.

Raspberry pi 3b hacked need help

Raspberry pi 3b hacked need help

Re: Raspberry pi 3b hacked need help

Re: Raspberry pi 3b hacked need help

Re: Raspberry pi 3b hacked need help

Re: Raspberry pi 3b hacked need help

Re: Raspberry pi 3b hacked need help

Re: Raspberry pi 3b hacked need help

Re: Raspberry pi 3b hacked need help