Zyxel hacked

michaelJin · January 2021

I believe my Zyxel was hacked today and updated to the lasted firmware make it back to normal.

One of my computer keep getting connection issue today and after check the log, the number of session is over
configuration, but actually it is not. The configured number session is 1000 and there were about 50 sessions from
session monitor.

Not sure how does it happen. I also noticed that when I login, I got a popup about the firmware upgrade, this is new and
I didn't enabled auto update.

I suspected because there is a hacker ongoing for a while.

Looking for suggestion how to secures Zyxel router.

Michael

chandan · January 2021

Not sure whether you are asking solution for a router or zyxel usg firewall device as you have posted in USG section.

But, if you are asking help for the firewall, do the following.

Suggesting you to remove or disable any other admin account.
Check the logs of admin login in your system logs to find any potential intruder and try to trace him.
Check any unsecure connection and suspend it.

If you are running any old firmware in your zyxel usg device, suggest you to upgrade to the latest released firmware version immediately.
Just keep in mind the necessary steps of upgrading the firmware.
Do not forget to take backup of the startup-config settings before upgradation.

Zyxel hacked

All Replies

Categories

Security Highlight

Security Help Center