Getting hacked at a hardware/BIOS level?

YouAreHere

New Member
Our little home network has been the victim of relentless hacking for over 2 years.

Something that may be significant is that when the hackers control our computers remotely, they are able to initiate a power-down on the computers. What I mean by that is that Windows 10 does not go through the normal shutting down process, the machine just gets immediately powered off - akin to someone holding down the power button. I'm wondering if this indicates the hacker has got BIOS/hardware level access to our computers?

I ran ESET antivirus on our Windows 10 machines and it detected a CompuTrace Variant in the BIOS. Our computer manufacturer does put CompuTrace in the BIOS legitimately, but I read this article about CompuTrace which I thought was interesting: Beware of Vulnerable Anti-Theft Applications
Anyway, that may be a red herring.

Windows Defender doesn't stop the hacker and after I installed Kaspersky Security Cloud, within 24 hours, I found Kaspersky was deactivated when I booted into Windows.

I've tried wiping the Windows 10 machines and reinstalling the OS from a USB but soon enough our hackers come back again and the computers get compromised.

Our home network has the default ISP router with a basic firewall. It stops all inbound by default, but allows most outbound traffic. The logs on it are quite basic, so not enough data for tracking a perpetrator in my opinion. I've changed the admin and Wi-Fi password on this device to something substantial and done a full reset.
I'm wondering if I should be looking at replacing the router with something more substantial, but I don't know enough about these things to know what to buy instead. Something with substantial traffic logging would probably be useful. Recommendations?

P.S.
I can only log in to this forum using incognito mode. If I try to log in through a normal browser window I get a security error: "Security error occurred. Please press back, refresh the page, and try again." Is that a cookie issue?
 
I've not changed the SSID but I have changed the passwords for the modem/router several times.
As a footnote to that, we are using WPA2 security on the network.
 
This could be a lot of things including hacking, but I suspect it's a hardware problem rather than hacking. Firmware/hardware hacking is extremely rare and generally reserved for state-sponsored hacking groups since it requires very specialized skills and money to pull off.
 