Your Virgin Media account number: 14 - Our Reference: VMIS70-Portmapper-F008496799
Dear Mr ,
Your home devices could be at risk
We're writing to let you know that a device connected to your home network has been identified as having a potential Portmapper vulnerability.
A Portmapper vulnerability is a security issue whereby a 3rd party can use this protocol to gain unauthorised access to your network/devices for malicious purposes. If a 3rd party has access to your network/devices they will be able to perform a Distributed Denial of Service (DDoS) attack.
It is therefore important that you follow the advice in this letter.
What has happened?
We suspect the device may have been misconfigured by you, someone in your household or without your knowledge. If the settings are left unchanged they can be exploited to unwittingly participate in malicious activities, for example a Distributed Denial of Service (DDoS) attack.
IP: Date: 13 October 2020 How can this issue be resolved?
To fix this problem please visit virginmedia.com/portmapper for guidance on how to secure your network.
More help & support
Protect yourself in the future; Web Safe is available to Virgin Fibre customers at no extra cost to help give you protection against malware and viruses. Full details can be found by registering or signing in to your account at virginmedia.com/myvirginmedia and going to My Apps.
For extra advice, or to double-check that this is a genuine Virgin Media communication, head to our community at virginmedia.com/community, click 'Help forum' and join the conversation on the Security Matters board.
The hub as never been in modem mode, the only thing I have connected to the hub that could flag anything like this is my NAS, but I have never had any issues like this in the last 15 years it's been on and it's only ever turned on for a few hours at a time.
Must be, I can't remember the actual date last time I switched it on but it could have been the date they are saying I had to transfer some files to the NAS which took most of the night. I have turned DMZ off to see if it helps, I will also enable the firewall inside the NAS.
Hopefully the forum team can confirm the identity of the reporting third party to allow you to: (a) confirm the detection; (b) obtain a copy of the the data captured in response to their rpcinfo query; from them.
What would be nice is if their customer support agent who I spoke to today who cut me off after a 1 hour 30 minute phone call, saying give me a few mins why I go check with another agent could actually phone me back and explain 1st why I was cut off! why phone back 35 minutes later to me answering the phone then again being cut off with no reply!! 2nd answer the questions I asked over the phone regarding this issue.
I asked 1 simple question
did I receive this email due to the high transfer on my home network bring up a fake DDOS attack because the transfer took nearly 8 hours to complete!
This question took over 45 minutes before I was cut off not getting any answer.