  • Thanks, I haven't got a Scooby Doo how to get into my router settings, it's an Airport Express from 2012, but will have a go this weekend.

    Also, what else will/may have been compromised by this? Do I need to burn my house down and change my entire identity?

  • I've never used Airport routers but a quick Google tells me your default LAN IP is going to be 10.0.1.1. To check this, if you're using a Windows machine, go to the command line and type in ipconfig. If you're on Linux, go to a command window and type ifconfig; on Apple, go to the terminal and type:
    route get default | grep gateway

    With all of these methods, the gateway IP address is the one you want. Now type the gateway IP into your browser and you'll hopefully be presented with a login screen. Google tells me the default login for your router is going to be:
    public

    If you've changed it at some point, it'll be whatever you've changed it to. If it's not been changed, I'd recommend you do it. Once you're into your router there will hopefully be a fairly user-friendly menu which will guide you to everything else - once you've turned UPnP off, it should be fairly secure, but it might be worth checking to see if there are any specific port forwarding rules set up. There will be a table somewhere in the router settings which will outline any port forwarding rules that have been set up - if you haven't done these I wouldn't expect there to be any. If there are some and you don't know what they're for, make a note of them and then remove them. If anything stops working in your network, reintroduce the port forwarding rules until it starts to work again and then remove the unnecessary ones.

    I wouldn't be too worried - turning UPnP off will stop the majority of things. It'll be worth rebooting your router once you've changed everything too, just in case you have something like the Mirai botnet malware which has infected your router - a simple reboot removes that malware.

    I think the Chromecast hack was just an exercise in vanity by some YouTuber - there have been a few recently with printers and stuff like that. So don't worry too much, though I'd recommend burning your house down and changing your entire identity at least once every 5 years as a bare minimum.
