Why did mikrotik start ssh without a password, and writes that the password has been hacked?

D

DVoropaev2020-05-23 10:10:34

SSH

DVoropaev, 2020-05-23 10:10:34

A simple password was deliberately set on the router. And after a while, the router began to start up without asking for a password at the entrance.
How could this happen?

Reply

Answer the question

In order to leave comments, you need to log in

6 answer(s)

K

KriosDezer, 2020-05-23
@KriosDezer

Routeros 6.20 was released in 2014. The front yard is your Mikrotik right now.

M

Myr4ik, 2020-05-23
@Myr4ik

Check /system note print. Probably, there you will find your message with "DEVICE HACKED ..."
Considering that "A simple password was deliberately set on the router ...", it is quite obvious that the password was picked up, removed for the "admin" account and left a message in the section "/system note".
case solved)

A

Armenian Radio, 2020-05-23
@gbg

A simple password is simple because it is most likely to be found in the dictionaries of various kinds of hacker tools.

C

CityCat4, 2020-05-23
@CityCat4

Apparently because it was actually hacked :) Mikrotik is a very popular device - and with popularity comes one thing - everyone starts trying to do something nasty :) Here the hackers turned out to be polite - they wrote honestly :)

N

Nikopol25, 2020-05-24
@Nikopol25

Close access from outside, update the firmware to the latest one, disable the admin user and create a more complex password.

A

Andrey Lutsenko, 2020-05-26
@PapaTramp

So the RouterOS version is 6.20. Of course they will hack it, up to 6.41, if I'm not mistaken, there are exploits. You were hacked, and they wrote that you were hacked. So that you finally pay attention to this.