How to find out if your home router is infected

It often happens that you notice slowdowns or ads in your home connection, so here's how to check your router and how to defend it from hackers

Home routers are one of the least protected devices by users. Often consumers just use the passwords set by default by the manufacturer and never update the device exposing the connection to various threats from hackers. Here, then, is how to find out if your modem has been infected by a cyber criminal.

Most of the hacker attacks on routers happen at the DNS server level. Thus, when we try to connect to a certain website, the malicious DNS server set by the cyber criminal will automatically connect us to the site of a phishing campaign. In this way we can be tricked by a scam, or fooled by a social engineering technique, or more simply come across a computer virus. Noticing these attacks in progress is not easy. One of the first signs is the slow loading of pages. Even if the connection is good, in fact, phishing pages take a bit longer than they should to load completely.

Absence of encryption

Another of the small signs to detect that something in our router is not working properly is the absence of encryption. If we never see HTTPS sites, that is, safe and secure, it may mean that we are experiencing an attack on our home connection.

Watch out for ads

If we suddenly start noticing more frequent advertisements on Google searches or within sites, it is possible that we have had our router tampered with by a hacker. If, for example, we see pornographic ads on official websites, such as Il Corriere della Sera or Facebook, it means that the router is infected.

How to act

If we notice one of the above issues on the modem, we must act to stop the infection. First of all we access the administration page of the router and check the DNS. If near the voice DNS we notice the option "Manual" means that a hacker has changed the system settings. By default, in fact, DNS is set to "Automatic". Computer security experts recommend to check this setting occasionally to see whether the router has been compromised or not. What to do if a malicious DNS server has been inserted? Simple, just delete all the router settings and perform a reset to factory settings to eliminate any infection.

How to improve the security of our router

To prevent a hacker from accessing our router too easily there are a number of actions to take. First of all we install all firmware updates. It must be said that most manufacturers do not constantly release new versions that can remedy old vulnerabilities. Second, we need to disable remote access to the router's administration pages. We then change the login credentials and password on the administration page. These are usually the same on all routers, which means that a hacker only needs to discover the code used by one manufacturer to target thousands of users.