Hacked wireless routers are a common cause of a number of problems, including phishing attacks, man-in-the-middle attacks and unwanted ads. Many routers can be hacked easily over the internet, and are found by botnets that are constantly searching for vulnerable routers.
If you are having ads and strange redirects in your web browser (ie, you are sent to a site other than the one you were trying to go to), the following behaviors will indicate that the problem is due to a hacked wireless router (or other network appliance):
- The problem affects all browsers you have installed
- The problem stops if you move to another network (a friend's house, a local library, a restaurant or coffee shop with free wifi, etc)
- The problem affects all devices on the network experiencing problems, including iPads, iPhones and other such devices.
If all three of these behaviors are present, your network has been compromised. The next step is trying to figure out exactly what network hardware has been affected.
There are two potential pieces of network hardware in most homes that might be affected. One is the cable or DSL modem. The other is a wireless router. In some cases, a wireless router may not be used (if you just connect directly to the modem via Ethernet). In other cases, the modem may also have wireless router capabilities, providing both services in one device.
If you have a separate wireless router and modem, disconnect the router and plug your computer into the modem directly using the Ethernet cable that was connected to the router. (Be sure you know which port to plug the cable back into on the router before unplugging it!) Your Mac should automatically pick up the network, but if it doesn't, try restarting.
If the problems go away in this configuration, and returns when you re-connect the wireless router and go back to connecting to the internet through that, the wireless router is the device that has been hacked. On the other hand, if the problems persist, the modem has been hacked and the wireless router is probably fine.
If you own the affected router
If a wireless router that you own is the device that was hacked, you will need to reset your wireless router to factory settings. You will also need to update your router's firmware. If you do not know how to do these things, consult the manual for your router or contact the manufacturer. Check with the manufacturer about any other measures that must be taken to secure that particular device.
Some routers may be vulnerable to hacking and lack any firmware updates to fix that vulnerability. If your router is very old, it will be best to purchase a new router.
If you own the affected modem
Some internet service providers allow you to buy your own cable or DSL modem rather than renting one from them. If you have purchased your own, you should be able to reset it to factory settings. Read the manual or consult the manufacturer of that modem to find out how that is done. You should probably also talk to the manufacturer about how to better secure the device - such as whether there are firmware updates.
If you don't own the affected device
If the router and/or modem is provided by your internet service provider, you may not be able to make the changes noted above. Contact your internet service provider for assistance. If they are unwilling or unable to help, you may need to get creative. For example, tell them you're having internet problems and do what you can to get a service tech to come out... once the tech sees the problem on his own device, he'll either fix it or replace the device.
If the affected network is not your network - for example, it's a work network, a friend's network or a public network - alert the owner of that network to the problem and discontinue using it until the issue is fixed.