1

The router of a friend of mine has been hacked, his android phone can't visit webpages with any kind of ads because it gets redirected to another site (this: http/hidcptqmerifcusymaqddcomolsujibeptsmycmqsrwgrcmywshgnfpjhcc.com/rot.aspx?partner=910345&f=popup-u ).

I got the same virus on my rooted android phone, and my linux mint laptop. (Obviously I didn't think about an hacked router before connecting to his home wifi).

His windows laptop and pc are not infected.

I guess that there is some strange dns-related stuff. On my linux laptop I changed the DNS to opendns and now seems to be working fine. On android with same dns seems still redirecting me. Also on android, I get redirect even when using 3G connection.

Any idea on how to fix this? Also, why Windows is not affected from this virus? edit: Sorry for much delay! I've resetted the router, a tp link with this firmware version: 3.0.1 Build 100901 Rel.23594. Now from my linux laptop I'm not having problems using the default DNS.

But the problem still remains on Android, where i have the redirect also navigating using google DNS, or 3G connection.

Improve this question
3
  • What type of router does your friend have and what firmware is it running? Latest stock or a WRT-type firmware? There is a good chance that it is DNS-related, have you tried forcing the windows PC to use the router DNS?
    – Christopher Hawker
    Commented Jan 2, 2016 at 13:55
  • Have you tried booting the infected laptop from a Linux live distro to confirm it's actually the router? Is it possible the infection is just on a couple of devices, rather than the router itself?
    – Ash
    Commented Jan 2, 2016 at 15:22
  • @Ash No I haven't, but since my laptop now is working fine after resetting the router I guess that was the problem. Also I haven't installed any apps, or visited any "bad" site recently. So i guess it's the router
    – Federico Ponzi
    Commented Jan 3, 2016 at 14:37

1 Answer 1

Reset to default
1

So I've finally resolved also on mobile. That trick was really smart: the adsense script is used on every site so it was cached, so even after resetting the router or using 3G connection I was redirect anyway. Deleting the cache data + resetting the router resolved all the problems.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .