What to Do to Regain Access to Your Linksys Account After a Hack

When a vendor takes up a big part of a certain market, that vendor taking a hit eventually impacts millions. Just a few months ago, the Linksys Smart Wi-Fi app was hacked, and it resulted in multiple account locks. Since Linksys has around 30% of the home router market, tons of users were locked out of their accounts. However, all of that was done to protect them and their data from malicious exploitations. As long as you know how to reset passwords, it is possible to get back on track using your home router. Let’s check what happened exactly with Linksys Smart Wi-Fi.

Have I been hacked?

First, let’s make something clear here: if you were locked out of your account, it doesn’t necessarily mean that your router has been compromised. Reportedly, around 1,200 accounts were hacked, and Linksys initiated the account lock to avoid further damage.

So, whether you got hacked or not, it has come to this situation where you have to reset your password. And in reality, it’s not a bad idea to reset or change your Linksys Smart Wi-Fi password once in a while. You can do it via your Linksys Smart Wi-Fi mobile app or through the main homepage. There are two major ways to reach the password reset page.

First, you can click the Forgot password? link underneath the login box. Second, you can type linksys.com/reset into your browser and go straight to the page manually. To ensure your security, there are no password reset steps provided out in the open. You have to enter your email address first, and then you will receive the password reset instructions in the mail.

From there, you just need to come up with a new password, and you will be able to access your account again when the account lock is dissolved. Just don’t forget to come up with a strong and unique password. Don’t reuse old passwords because they might have been leaked already. Also, every single device that you use should be protected by a unique password. To make matters easy, you can employ a password manager that will help you generate new passwords, and you won’t even have to memorize anything because the tool will do that for you.

What prompted the Linksys Smart Wi-Fi attack?

Now that the account lock is no longer a problem, we can take a closer look at the hack and see what we can learn from it so that we could avoid similar issues again. Please note that sometimes you cannot virtually escape every single hack because your service provider has to protect your account from such threats, too. But you can still mitigate the damage by making sure that hackers steal as little as possible.

So, the truth is that the security experts cannot tell exactly who stands behind the Linksys Smart Wi-Fi attack, but it is clear that the hack rides the ever-rising wave of cyber attacks that are related to the COVID-19 pandemic. It is believed that home routers were hacked by the means of brute-forcing, and their DNS settings were changed to forcefully redirect users to malware-related websites.

Each time users tried to access such domains as aws.amazon.com, goo.gl, bit.ly, Disney.com, redditblog.com, fiddler2.com, Washington.edu, and a handful of others, the modifications within the router redirected them to websites where they saw a pop-up about a “COVID-19 Inform App.” The users were urged to install an app that supposedly would give them the latest information and instructions about coronavirus.

Needless to say, clicking the Download button downloaded not the app but a malicious EXE file that eventually downloaded the final payload – Oski stealer. This malware is created to collect and steal personal information like passwords, crypto-wallet cookies, registry credentials, and so on. Since the Oski malware is also available for sale, it is hard to say who is exactly using it for the Linksys Smart Wi-Fi hack, as there might be several owners of this malware.

How to mitigate the damage

As we have already established, if you know how to reset the password, that’s the first thing to do when you know your account has been hacked. The account lock imposed by Linksys might be annoying, but please understand that it also protects you and many other users from malware proliferation.

In the unlikely event of malware infection, the account lock is actually the least of your worries. After all, you can fix that with a simple password reset. However, if you have really been infected with malware, you might have to work a little bit harder to restore everything back to normal.

First, you should invest in a licensed security application to scan your system and detect all the malicious files present. Please note that a malware program is not your regular application, and (at least most of the time) you cannot remove it via Control Panel. Manual removal is not recommended if you are not a computer expert. To get rid of Oski stealer, or any other malware infection for that matter, you should leave that to a security tool that can terminate such infections automatically.

Also, aside from investing in a powerful security tool, you should employ safe web browsing habits and other cybersecurity practices that make a malicious hack less likely. Constantly changing your passwords and generating them with password managers are a few of those things that can help. Also, please be careful of random pop-ups that try to push you into downloading unfamiliar software.

In some cases, if the hack occurs despite all the security measures that were employed, you can only hope for a service provider to enable something like the Linksys account lock to protect your data. To put it simply, a password reset is a very small price to pay for avoiding a serious personal data leak.

By Foley
July 23, 2020
July 23, 2020

Leave a Reply