Menu
Reply
mikeyfafa
  • 3
  • 0
  • 1
Tuning in
344 Views
Message 1 of 8
Flag for a moderator

VMIS60-NETWORKATTACKS

I received a malware warning letter today and a text earlier this week.

We have quite a few devices in the house (4 macs, 1 chromebook, 1 dell, 4 echo dots, 3 ipads, a sonos system, 3 phones, a bunch of IoT devices,  2 internet TVs, 2 NAS drives, a Tado heating system and a printer that all connect to the network. I've run malwarebytes checker on the macos devices and came up with nothing (the dell is a work laptop and locked down). I've read that some people have tried wiping their devices and still get the alert so rather than going down that path as it will take me ages to do it I'd like to try and identify which device it is using tcpdump or wireshark. I'd like to get more info about the traffic so I can do this.. Wiping and reinstalling form backups might just bring the malware back so need some more info please.

0 Kudos
Reply
用心棒
  • 5.95K
  • 670
  • 2.06K
Very Insightful Person
Very Insightful Person
303 Views
Message 2 of 8
Flag for a moderator

Re: VMIS60-NETWORKATTACKS

Issue has been flagged to the forum team who are best placed to provide the information sought; be aware it can take them a few hours / days to respond.

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
MikeRobbo
  • 15.27K
  • 1.17K
  • 1.94K
Alessandro Volta
274 Views
Message 3 of 8
Flag for a moderator

Re: VMIS60-NETWORKATTACKS

Have you run a deep anti virus check ?


*********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
BT Smart Hub 2 with 70Mbs Download,18Mbs Upload, 9.17ms Latency & 0.35ms Jitter.
0 Kudos
Reply
mikeyfafa
  • 3
  • 0
  • 1
Tuning in
221 Views
Message 4 of 8
Flag for a moderator

Re: VMIS60-NETWORKATTACKS

Not across all devices on the network as I'm not aware of a product that would do that. 

I think it might be my NAS drive though. I'd had it unplugged for a week or so after doing some tidying up and after I added it back on to the network my internet speed dropped to dial up speeds across all devices. I unplugged it and everything went back to normal. I need to investigate further though. That's why more info from virginmedia regarding the type of malware or traffic (destination IP addresses perhaps) would be helpful.

0 Kudos
Reply
mikeyfafa
  • 3
  • 0
  • 1
Tuning in
173 Views
Message 5 of 8
Flag for a moderator

Re: VMIS60-NETWORKATTACKS

So to figure this out I setup a virtualized untangle firewall ng on my mac mini using virtualbox. I bought a usb to ethernet dongle so I could sit the mac between the virgin hub and my taotronics mesh wifi router. After setting everything up I ran the firewall for a day and nothing sinister was reported. I'd kept the NAS drive off the network at this point. Then I switched the TaoTronics router for the NAS Drive so that was the only device going through the firewall and left it running overnight. Bingo!

mikeyfafa_1-1610955638575.png

 

 

 

philstewart1976
  • 2
  • 0
  • 0
Joining in
93 Views
Message 6 of 8
Flag for a moderator

Re: VMIS60-NETWORKATTACKS

Did you ever get a reply to this.  I am in a very similar situation.  It would be extremely helpful if I could tell what time the attack was detected so I could limit the number of devices I need to look into (e.g. I installed a new Mesh WiFi three days ago (issue?) and I had a friend connect to the network for several hours yesterday)... 

The fact I spend £50 a month (and have done for 3 years) and can't speak to a human being when contacted with a threat of being turned off is just AWFUL customer service.

0 Kudos
Reply
philstewart1976
  • 2
  • 0
  • 0
Joining in
89 Views
Message 7 of 8
Flag for a moderator

Re: VMIS60-NETWORKATTACKS

I should say I'm not nearly as technical as Mikey above ... so whilst I'm grateful for his post ... I need a simpler solution.  Time of day would be a good start... 

0 Kudos
Reply
Tom_F
  • 3.42K
  • 208
  • 441
Forum Team
Forum Team
66 Views
Message 8 of 8
Flag for a moderator

Re: VMIS60-NETWORKATTACKS

Hi philstewart1976, sorry to hear you've encountered this issue too. 

 

In some cases the relevant team are able to give us more info to help narrow these things down.

So we can try to help further I will get in touch via PM to confirm a few details & we'll take it from there.

 

Tom 

0 Kudos
Reply