Serious Discussion How was my "5G on-the-go hotspot" network device hacked?

Rov123

Level 1
Thread author
Nov 23, 2024
30
This may sound very tinhat foil to the majority of people, but I have been a victim of a sophisticated attack for a while now to my family and home network and devices. I got sick of it all, so I decided to buy a brand new laptop and a brand new on-the-go 5G hotspot network device. I went to a coffee shop with them to use, and within half an hour to an hour, the network device was attacked immediately. I looked at the network device alerts, and multiple times, it said "A new wifi device has joined the network", I checked and no devices were shown, but it kept saying and spamming that for almost 5 minutes straight. Only my laptop was connected to it, and there weren't any connection drops, so I do not know why it kept spamming those messages.

If this was a real attack, and my network device was truly hacked, how is it possible? Because the hacker is not near me locally I believe, they are from across the world. How did they manage to pinpoint and attack me while I was using an isolated device and network? Does this sound plausible? If we look at the bigger picture, I could be a random person using a random laptop and a network, but they manage to find me.

The device is called "Inseego MiFi X PRO". The device literally was advertised "Comprehensive security measures, including advanced encryption, guest wifi network, hacker prevention, SASE capabilities, and VPN/ZTNA support. Guarantee safe and secure connectivity to your enterprise network, even for remote workers accessing it from anywhere in the world." And it was hacked immediately.
 
Last edited:

Bot

AI-powered Bot
Apr 21, 2016
4,705
It's unlikely that your 5G hotspot was brute-forced, especially if you're using a strong password. Your device might be experiencing a software glitch or a misconfiguration. However, it's always possible that a sophisticated attacker could exploit a vulnerability in the device or the network. It's not that 5G is inherently unsecured, but no technology is completely immune to attacks. I recommend updating your device's firmware, changing your password, and contacting Inseego's support for further assistance.
 
  • Like
Reactions: simmerskool

Vitali Ortzi

Level 29
Verified
Top Poster
Well-known
Dec 12, 2016
1,887
This may sound very tinhat foil to the majority of people, but I have been a victim of a sophisticated attack for a while now to my family and home network and devices. I got sick of it all, so I decided to buy a brand new laptop and a brand new on-the-go 5G hotspot network device. I went to a coffee shop with them to use, and within half an hour to an hour, the network device was attacked immediately. I looked at the network device alerts, and multiple times, it said "A new wifi device has joined the network", I checked and no devices were shown, but it kept saying and spamming that for almost 5 minutes straight. Only my laptop was connected to it, and there weren't any connection drops, so I do not know why it kept spamming those messages.

If this was a real attack, and my network device was truly hacked, how is it possible? Because the hacker is not near me locally I believe, they are from across the world. How did they manage to pinpoint and attack me while I was using an isolated device and network? Does this sound plausible? If we look at the bigger picture, I could be a random person using a random laptop and a network, but they manage to find me.

The device is called "Inseego MiFi X PRO". The device literally was advertised "Comprehensive security measures, including advanced encryption, guest wifi network, hacker prevention, SASE capabilities, and VPN/ZTNA support. Guarantee safe and secure connectivity to your enterprise network, even for remote workers accessing it from anywhere in the world." And it was hacked immediately.
If you didn't install a certificate then all ssl traffic is encrypted
About that device it's either the device you used for the hotspot or a local device if you didn't set the firewall settings to public as setting as public should restrict at least some connections made by local devices




You can check the ssl certificate of the site your visiting and see if it was replaced by a malicious actor if not then you're likely safe at least for ssl traffic


Btw you can use a vpn to encrypt your traffic although unnecessary or add a firewall like comodo, zone alarm, Symantec but again unnecessary
As windows firewall treating the network as public and a secure DNS should be more then enough
 
  • Like
Reactions: simmerskool

Rov123

Level 1
Thread author
Nov 23, 2024
30
If you didn't install a certificate then all ssl traffic is encrypted
About that device it's either the device you used for the hotspot or a local device if you didn't set the firewall settings to public as setting as public should restrict at least some connections made by local devices




You can check the ssl certificate of the site your visiting and see if it was replaced by a malicious actor if not then you're likely safe at least for ssl traffic


Btw you can use a vpn to encrypt your traffic although unnecessary or add a firewall like comodo, zone alarm, Symantec but again unnecessary
As windows firewall treating the network as public and a secure DNS should be more then enough
What I'm most concerned about is whether if they are able to install malware or spyware on my laptop once they gain entry to the network, because it's been the case for my family and home devices where they installed RAT and more on my windows PC after hacking into my home network. So seeing those notifications of them entering my new hotspot device raise those concerns. It's much more alarming than them simply sniffing my traffics.
 

Victor M

Level 15
Verified
Top Poster
Well-known
Oct 3, 2022
732
Why did you go to a coffee shop to test your new equiptment? Hackers like coffee shops.Lots of possible victims.

What security features are on that Inseego? Does it have MAC address filtering? Maybe someone was trying to connect to your hotspot and the device kicked them out. Hence you see no other connected devices.

Do u have an iphone? On an iphone you can connect to your PC via usb cable, turn on iphone's hotspot and select usb, to provide internet. Then tell iphone that you trust the connected computer. A wired connection is safer - no possibility of outside contact.

On an android it is called usb tethering.
 
Last edited:
  • Like
Reactions: simmerskool

Oldie1950

Level 7
Verified
Well-known
Mar 30, 2022
321
Rov123: An old acquaintance.
Ultimately, he did not respond to Nasdaq’s offer of help.
 
Last edited:

Rov123

Level 1
Thread author
Nov 23, 2024
30
Rov123: An old acquaintance.
Ultimately, he did not respond to Nasdaq’s offer of help.
Because it is completely useless for the kind of attack I am facing. I am dealing with a threat actor that resembles APT, and you think that advice would help? That is a big waste of time.
 

Rov123

Level 1
Thread author
Nov 23, 2024
30
I think your new setup is secure. There is no proof of it not being so.
Ok I don't know if you have any experience in being a victim of a hacker before where they are downright evil and go out of there way to obsessively stalk and harass you, but that's essentially what this hacker does. When I got on the new device and network, and using them in a coffee shop away from my home which is infiltrated, I expected to be in complete freedom and do whatever I want without being watched and harassed, but the expectation failed because the harassment started on the new device too. There is no way in hell the hacker could have harassed me, I made an anonymous account online and they immediately followed it and induced subtle harassments.
 

Victor M

Level 15
Verified
Top Poster
Well-known
Oct 3, 2022
732
How did the hacker harass you when you were using the new equipment at the coffee shop?

Oh I have been hacked before. I have a web site up to help stalk victims secure their PCs.
 
  • Like
Reactions: simmerskool

Rov123

Level 1
Thread author
Nov 23, 2024
30
How did the hacker harass you when you were using the new equipment at the coffee shop?
I like to frequently go on Reddit a lot, and in the past at my home, the hacker would continually share my posts to people, to make me feel humiliated, embarrassed, and in general want to induce negative emotions in me. Reddit implemented a feature where it shows how many times your post has been shared. This hacker would go out of his or her way to share it one time, over and over and over again, and sometimes mass shared it in the 10s-20s, and downvote and upvote my comments and posts intentionally, and also got their friends or cybergang or group, or whoever it is to make throwaway accounts to comment nasty and mean messages in subtle ways and subtle personal attacks to cause very negative emotions, and in general to induce fear, panic attack and anxiety. A very nasty and mean and evil individual with ill intentions, and two-faced, fake and completely lacks a conscience or empathy.

I expect all of it to be gone when I got new device, but same ##### happened, I made new accounts there is no #####ing way they could have known it was me unless I got hacked again somehow. If you see in the general broader picture, I am simply a user out of other millions, so no way they would recognize me, only way is hacking and implanting a spyware through some very sophisticated method. The entry point is the network I believe, or windows os being vulnerable and bad security.

I read up stories of other people being victims to these kinds of predators before, where they all have the same personality disorder, tending to create multiple false and fake accounts and profiles, inducing harassments, and has fantasies with their victim, stalking and vindictive, continually adding and wanting to connect with the victim through some sick psychotic disorder. I find it really strange how these mentally unwell individuals have such elite hacking and computer skills, you'd expect these monsters to be on the streets and homeless, but somehow not only are they equipped with a nasty personality, they also have the computer skills which benefits their personality style. I do not get this at all.
 
Last edited:

Victor M

Level 15
Verified
Top Poster
Well-known
Oct 3, 2022
732
Have you ever powered up your new equipment and used it at home? If you did, then maybe your new setup was infiltrated there. And they simply followed you to the coffee shop.
 
  • Like
Reactions: simmerskool

Rov123

Level 1
Thread author
Nov 23, 2024
30
Have you ever powered up your new equipment and used it at home? If you did, then maybe your new setup was infiltrated there. And they simply followed you to the coffee shop.
I thought about this beforehand, and I think I did one time, but I swear I made sure to not connect to the potentially infected wifi, I disabled bluetooth and did not plug in USB or anything to contaminate. I turned on the device simply out of curiousity to see if it's working and to lower attack surface in various settings.
 

Victor M

Level 15
Verified
Top Poster
Well-known
Oct 3, 2022
732
There is a WiFi mode called WiFi Direct. It can connect to your PC bypassing the firewall. The Direct mode is made for ad hoc meetings and sharing of files. So you don't necessarily have to connec to a SSID to get hacked.

Have you considered that your modem may be hacked? Apparently there are modem hacks floating around.
 
  • Like
Reactions: simmerskool

Rov123

Level 1
Thread author
Nov 23, 2024
30
There is a WiFi mode called WiFi Direct. It can connect to your PC bypassing the firewall. The Direct mode is made for ad hoc meetings and sharing of files. So you don't necessarily have to connec to a SSID to get hacked.

Have you considered that your modem may be hacked? Apparently there are modem hacks floating around.
Yes, I am certain either the router or my modem was hacked, which somehow allowed the threat actor to install spyware and RAT on any computers that's connected to it. I recall one time I launched a notepad and wrote on it to the hacker to off themselves out of frustrations and anger, the hacker somehow knows I did that and said it back to me on one of my social media accounts, so this confirms that they installed some sort of spyware, or RAT where they can see my entire desktop screen and all my activities.

I decided to get a brand new internet or modem, the 5G Home Internet plan from Rogers, the device is called "FastMile 5G Gateways 3.2 and 2". I wiped my PC clean, reinstalled using USB, and connect to the new modem/internet, and of course it did not get rid of the spying.

sometime later, I decided to get the "5G on-the-go hotspot" device, called "Inseego MiFi X PRO" from Rogers again, and returned the FastMile 5G Gateways 3.2 and 2, thinking maybe my PC is rootkited, and so I purchased a brand new laptop, the Lenovo 7i Legion. I turned the laptop on one or two times in my home, but didn't connect to anything to check various settings. Then when everything's ready to go, I grabbed my backpack, the laptop and the hotspot device and went to a coffee shop, and somehow I got hacked again, it's like no matter what I do, the psychotic hacker finds a way to infiltrate.

I'd really love to know how this is even possible, because it seems impossible. Not to mention, my iPhones are infiltrated as well, not just windows PC, which is crazy to me because aren't apple products almost impossible to hack? If my iPhone is hacked, can't the hacker track me down? I was carrying the iPhone with me to the coffee shop as well, so maybe that's how I was pinpoint during the experiment.
 
Last edited:

Victor M

Level 15
Verified
Top Poster
Well-known
Oct 3, 2022
732
@Rov123 ,

One way to proof to yourself that you were hacked, in case of a hacked modem or router is to use nmap (the network scanner). Assuming that your modem or router configuration is typical, you can scan your personal network by 'nmap 192.168.1.0/24' or 'nmap 192.168.0.0/24'. You will catch the hacker in his tracks if you see a foreign machine present in your network.

Then you would be able to remedy it if your modem or router allows you to specify which MAC addresses are allowed in your network. The feature is designed to stop hackers who have bruteforced or guessed your WiFi password from joining your network. The modem or router will have a page which shows you which MAC addresses are currently connected, or you can go to each PC and type 'ipconfig' to see it's MAC address. Then you can put those confirmed OK MAC addresses into that Allow List. The feature may not stop all hacks, but it is a counter measure, and the counter measure would not have been built if nobody hacks modems.

A safe procedure is to set a reminder on your cell phone to change your WiFi password every 2 or 3 months. And while you are at it, schedule a reminder to do Windows Update on every 2nd Tuesday of the month because that's when MS releases security patches.

So far on this forum, from the handful of people who has claimed that they were hacked all relied on evidence from social media. But they didn't quote the actual messages here probably because of the personal nature of the messages. If you could quote the messages here, then we could help acertain that indeed something is wrong and suggest counter measures.

Some hackers do use malware, and not all of them are good at hacking. Do what @oldschool suggested and start a post in our malware removal sub forum, and CHECK BACK for REPLIES Every Day. If you don't reply to messages, the thread will be closed.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top