Can Your Wi-Fi Get Hacked?
Whether you’re working remotely from a coffee shop, checking email from an airport lounge, or streaming Netflix from home - your Wi-Fi connection (whether a public network or even your home network) may be vulnerable to attacks from cybercriminals.
According to one recent study [*]:
79% of home Wi-Fi networks use weak passwords and cybersecurity measures, leaving them vulnerable to cyber attacks.
Hackers can hack your router, spy on your Wi-Fi connection, and even eavesdrop on your conversations. With little work, scammers can gain access to personal information such as your credit card details or compromise your social media and online banking accounts.
While Wi-Fi hacking isn’t as common as ransomware or other types of social engineering attacks, it’s still a significant threat.
In this guide, we’ll explain how hackers hack your home Wi-Fi network, what to do if you’ve been hacked, and how you can build a Wi-Fi protected setup that keeps hackers out.
How Can My Home Wi-Fi Be Hacked?
Scammers have numerous ways of hacking your Wi-Fi network, including:
- Brute-force hacking your Wi-Fi password: Hackers can try hundreds of different password combinations to gain access to your password-protected router’s internal settings. If your Wi-Fi password is cracked, hackers will change the password and lock you out of your home Wi-Fi.
- Using the manufacturer’s default password: Wi-Fi hackers will use the manufacturer’s default admin password to gain access to your router and change its settings. That’s why you should always change your router’s default password. You should also create a unique SSID (wireless network name). Never use the default SSID.
- Exploiting an unpatched firmware vulnerability: Cybercriminals can exploit an unpatched firmware vulnerability to access the router’s internal settings. The Fraunhofer Institute tested 127 home routers from manufacturers including AVM, ASUS, Netgear, D-Link, Linksys, TP-Link, and Zyxel and found that almost all had security flaws—some of them severe—ranging from missing security updates to easily decryptable passwords and unpatched vulnerabilities that could be exploited.
- DNS hijacking: Cybercriminals can also trick you into visiting malicious sites using an emerging cyber threat. For instance, a hacker can conduct a DNS hijacking attack by breaking into your router and changing the DNS settings so that it redirects your traffic to harmful phishing websites.
The bottom line: If your home has an internet connection, it’s vulnerable to being hacked by a skilled cybercriminal, regardless of whether you’re using a firewall or not.
What Can Scammers Do If They Hack Your Wi-Fi?
If someone hacks your Wi-Fi, they can monitor all of your unencrypted traffic. This means they can spy on data sent across your network from all of your devices, including personal information like your name, address, and even financial account details.
In other words, they have all the information necessary to steal your identity and commit fraud.
At the same time, they can also download harmful videos and files to your network, infect devices with malware, ransomware, or malicious software like VPNFilter or SwitcherTrojan, and commit further cyber attacks — like DDoS attacks.
But that’s not all.
Once your Wi-Fi network is hacked, scammers can gain remote access any connected device without proper security settings — even a baby monitor.
That’s what happened to a mother in the UK whose two-year-old son was having trouble sleeping for weeks. Turns out, a stranger hacked the baby monitor and was shushing the baby in the middle of the night [*].
Cybercriminals have proven they can and will exploit unpatched routers with outdated router firmware to commit criminal acts. Unfortunately, many vendors aren’t prepared for this reality.
There are many recent incidents instances cyber attackers exploiting Wi-Fi router vulnerabilities, including:
- Exploiting TP-Link Routers. Since 2016, cybercriminals have exploited an unpatched vulnerability to hijack TP-Link 4G-capable routers.
- Exploiting Tenda Routers. Cyber attackers used zero-day vulnerabilities to install malware on Tenda routers and built an IoT botnet to perform DDoS attacks.
- Hijacking Linksys Routers. Hackers hijacked victims’ Linksys routers and redirected their traffic to malware sites when users were trying to access popular sites like Amazon and Disney.
📚 Related: Was Your IP Address Hacked? Here's How To Tell →
Can Someone Hack Your Phone Through Wi-Fi?
Unfortunately yes, your phone can be hacked via Wi-Fi.
Hackers know how to hack into your phone (especially over public Wi-Fi networks) like any other physical device, regardless of whether you’re using an iPhone or an Android phone.
For example, during a Man-in-the-Middle attack (MitM), a hacker can eavesdrop on communications between the phone and a Wi-Fi network to collect personal information submitted from the phone.
📚 Related: How To Know if Your Phone Is Hacked (and What To Do) →
Here’s How To Know If Your Wi-Fi Is Hacked
- Slow internet speed: If you notice your internet is much slower than usual this may indicate that there is an unauthorized intruder with access to your network. The more people using your network, the more internet bandwidth is consumed and less bandwidth is available to browse online, use applications and services, or watch videos.
- Unfamiliar devices or IP addresses detected: Attackers may try to connect to your network with unfamiliar devices. If you think someone is snooping on your activity, you can log in to your router’s IP address in your web browser and look at the list of connected devices.
- Wi-Fi password changed: Cyber attackers will change your login credentials shortly after breaking into your router to stop you from changing the settings and protecting yourself. If you can’t log in with your own credentials, this indicates that your Wi-Fi router has likely been hacked.
- Unusual software on your devices: If you notice software or applications installed on your devices that you didn’t authorize, this can be another telltale sign that a cyber attacker has taken control of your Wi-Fi network.
- Strange activity in your browser: If you try to visit a website or online service and are automatically rerouted to a different site, scammers may have compromised your router and changed its Domain Name System (DNS) settings.
- You receive a ransomware message: Scammers may have found sensitive information, data, or photos that they’ll use to extort you for money. If you receive a ransomware message, it could be the result of a hacked Wi-Fi network.
What To Do If Your Wi-Fi Was Hacked
A hacked Wi-Fi network can lead to even more dangerous consequences — such as identity theft, fraud, and account hacking. As soon as you see the signs that your router has been hacked, act quickly to shut down scammers.
Here’s what you can do:
Factory reset your router
If you believe your router has been compromised, perform a hard factory reset to return the router to its out-of-the-box factory settings. (Note that this is different from using the normal reset button). A factory reset or full reboot can help remove certain strains of malware and ransomware and reset all existing configurations (including any malicious changes).
Change your Wi-Fi network password
The next thing you should do is change your admin password (and SSID). Changing your network admin password will mean that a hacker won’t be able to use your old credentials to log in again, and it will stop them from eavesdropping or changing your router settings. Avoid weak passwords that hackers can guess, like password or password123.
Disable remote administration
If you haven’t already deactivated remote administration on your router, then you might notice that the hacker has gained access to your computer, especially if they’re moving your cursor around or installing unknown programs. You can counter this by turning off remote administration through the router’s online interface.
Regularly check your credit report and bank statements
Scammers are almost always after your financial accounts. Check for the warning signs of identity theft — such as strange charges on your bank statement or accounts you don’t recognize. An identity theft protection service like Aura can monitor your credit and statements for you and alert you to any signs of fraud.
Scan devices for malware
After breaching a network, attackers will often attempt to install malware on devices. It’s a good idea to use reputable antivirus software to scan your devices for malware so that you can remove any malicious content they’ve left behind.
Consider identity theft monitoring
If you’re certain that your online privacy has been violated, consider an identity theft monitoring solution that includes data breach monitoring and credit monitoring. This way, if a criminal attempts to use your personal information to commit identity theft, or if your sensitive data is found on the Dark Web, you'll be alerted and given the chance to act fast, before irreparable damage is done.
Here’s what you get with Aura:
- Award-winning identity theft protection. Aura monitors your most sensitive information — from your Social Security number (SSN) to your credit card details — across the Dark Web, public records, and more. If anyone tries to use your identity or your details are compromised, you’ll be notified in near real-time and get the support you need to shut down scammers.
- Three-bureau credit monitoring with the industry’s fastest fraud alerts. Aura has direct connections with the three major credit bureaus — Experian, Equifax, and TransUnion. If scammers use your stolen details to take out loans or open accounts in your name, you’ll be covered by the industry’s fastest and most reliable fraud alerts.
- AI-powered digital security tools. Aura protects your devices and data with comprehensive digital security tools, including antivirus software, a military-grade VPN, secure password manager, Safe Browsing tools, AI spam call protection for your phone, and more.
- 24/7 access to White Glove Fraud Resolution Specialists. If you have questions or become the victim of fraud, Aura’s team of trained specialists is available night and day to help you.
- $1 million in identity theft insurance. If the worst should happen, every adult member on an Aura plan is covered for up to $1 million of eligible losses due to identity theft — including lost wages, lawyer fees, childcare, and more.
How To Prevent Wi-Fi Hacking
- Change your router's admin credentials. If you get a new router, you should always change the network name (SSID) and password that came with it. This prevents an attacker from looking up the default admin password and SSID. When changing the password, select a strong password with a mixture of uppercase and lowercase letters, numbers, and symbols.
- Update your router’s firmware. Routers have vulnerabilities that attackers can exploit if they’re not patched. Installing firmware updates will ensure that there are no vulnerabilities that attackers can capitalize upon to break into the device and eavesdrop on your activity.
- Deactivate remote administration. Many routers come with a remote administration feature, allowing access to the router’s admin settings through a web browser. Out of an abundance of caution, it’s a good idea to deactivate this setting, as it will prevent hackers from exploiting an unsecured connection to your router. You can also set up a guest network that doesn’t have administrative privileges.
- Protect your network with a secure VPN. Another simple way to protect your information from attackers is to use a VPN to encrypt your traffic.
- Disable your router’s WPS setting. Hackers often scan local areas for networks that support WPS. They will attempt to audit them with a tool called Airgeddon, as these networks can be hacked with brute-force PIN attempts and pixie-based attacks that enable them to get your WPS pin and recover your router password. Disabling the WPS setting prevents these attacks.
- Enable WPA2 encryption. If your router has Wi-Fi Protected Access (WPA) security protocol, such as WPA2, you can use this setting to encrypt your activity with AES encrypting. WPA2 encryption is always preferred against WEP encryption. An extra layer of protection in addition to WPA2 encryption is MAC address filtering, a practice by which your router is configured only to allow a pre-approved list of devices join the Wi-Fi network.
- Use ethernet instead of Wi-Fi. By default, an ethernet (wired) connection is more secure than Wi-Fi, because it does not transmit data through the air, leaving it more susceptible to interceptions. However, an ethernet connection is not the most convenient option, so it's not realistic to rely solely on a wired connection to protect your Wi-Fi against hackers.
- Use antivirus software. Installing antivirus software on your devices is crucial. Even if an attacker breaches your router, they won’t be able to deploy malware or viruses to your devices.
Take Action: Protect Your Online Privacy
Your personal data is like currency to cyber attackers. Don’t think that just because your router is in your living room it’s beyond the reach of a sophisticated hacker.
Monitoring your network activity and taking the time to properly configure your router and Wi-Fi security with the strongest security settings will reduce the risk of a cybercriminal being able to breach your defenses and steal your personal information.