All of my accounts etc. have been getting hacked for a long time, which makes me believe someone is doing a MITM or evil twin attack. Maybe I even have malware on one of my devices, even though I've changed all my accounts and passwords, wiped devices, etc. Got a new router and modem as well, hoping it would stop it and give me more insight into what's happening. My router's logs are just full of dropped packets constantly; it's every few seconds. Here's an example. Any help / advice would be great.

Aug 20 13:52:58 kernel: DROP IN=eth0 OUT= MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:08:00 SRC=185.39.11.32 DST=90.206.58.122 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=22333 PROTO=TCP SPT=47975 DPT=55006 SEQ=4225612697 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Aug 20 13:53:01 kernel: DROP IN=eth0 OUT= MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:08:00 SRC=91.229.112.5 DST=90.206.58.122 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=39995 PROTO=TCP SPT=47190 DPT=1331 SEQ=72328050 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Aug 20 13:53:01 kernel: DROP IN=eth0 OUT= MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:08:00 SRC=87.251.74.18 DST=90.206.58.122 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=28213 PROTO=TCP SPT=46847 DPT=10015 SEQ=2731176784 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Aug 20 13:53:06 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47934 PROTO=UDP SPT=8728 DPT=4944 LEN=124 MARK=0x8000000
Aug 20 13:53:16 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47935 PROTO=UDP SPT=8841 DPT=4944 LEN=124 MARK=0x8000000
Aug 20 13:53:19 kernel: ACCEPT IN=br0 OUT=eth0 MAC=d4:5d:64:a4:6a:10:24:4b:fe:6e:0d:6b:86:dd SRC=2a02:0c7f:d03a:5500:cc90:8b1a:c249:ffdd DST=2a00:1450:4009:0808:0000:0000:0000:2004 LEN=1378 TC=0 HOPLIMIT=63 FLOWLBL=0 PROTO=UDP SPT=64989 DPT=443 LEN=1338
Aug 20 13:53:19 kernel: ACCEPT IN=br0 OUT=eth0 MAC=d4:5d:64:a4:6a:10:24:4b:fe:6e:0d:6b:86:dd SRC=2a02:0c7f:d03a:5500:cc90:8b1a:c249:ffdd DST=2a00:1450:4009:0808:0000:0000:0000:2004 LEN=1378 TC=0 HOPLIMIT=63 FLOWLBL=0 PROTO=UDP SPT=64990 DPT=443 LEN=1338
Aug 20 13:53:20 kernel: DROP IN=eth0 OUT= MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:08:00 SRC=83.97.20.31 DST=90.206.58.122 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54321 PROTO=TCP SPT=41185 DPT=80 SEQ=1716051536 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Aug 20 13:53:26 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47936 PROTO=UDP SPT=8911 DPT=4944 LEN=124 MARK=0x8000000
Aug 20 13:53:33 kernel: DROP IN=eth0 OUT= MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:08:00 SRC=192.35.168.232 DST=90.206.58.122 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=6648 PROTO=TCP SPT=18169 DPT=12171 SEQ=455501482 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 OPT (020405B4) MARK=0x8000000
Aug 20 13:53:33 kernel: DROP IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:1d:aa:98:6f:7c:08:00 SRC=192.168.2.1 DST=224.0.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=1 ID=11196 OPT (94040000) PROTO=2 MARK=0x8000000
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:1200:000d:274d:a6c0:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=285353 PROTO=TCP SPT=443 DPT=58538 SEQ=800977019 ACK=1754448095 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:1200:000d:274d:a6c0:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=91 TC=0 HOPLIMIT=52 FLOWLBL=285353 PROTO=TCP SPT=443 DPT=58538 SEQ=800977065 ACK=1754448095 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:b800:0018:4532:5280:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=302514 PROTO=TCP SPT=443 DPT=58465 SEQ=2301177167 ACK=844297420 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:b800:0018:4532:5280:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=91 TC=0 HOPLIMIT=52 FLOWLBL=302514 PROTO=TCP SPT=443 DPT=58465 SEQ=2301177213 ACK=844297420 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:1200:000d:274d:a6c0:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=33121 PROTO=TCP SPT=443 DPT=58538 SEQ=800977019 ACK=1754448095 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:b800:0018:4532:5280:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=1014372 PROTO=TCP SPT=443 DPT=58465 SEQ=2301177167 ACK=844297420 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:1200:000d:274d:a6c0:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=1001439 PROTO=TCP SPT=443 DPT=58538 SEQ=800977019 ACK=1754448095 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:35 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:b800:0018:4532:5280:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=995362 PROTO=TCP SPT=443 DPT=58465 SEQ=2301177167 ACK=844297420 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:35 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:1200:000d:274d:a6c0:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=38692 PROTO=TCP SPT=443 DPT=58538 SEQ=800977019 ACK=1754448095 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:36 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:b800:0018:4532:5280:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=708294 PROTO=TCP SPT=443 DPT=58465 SEQ=2301177167 ACK=844297420 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:36 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47937 PROTO=UDP SPT=8990 DPT=4944 LEN=124 MARK=0x8000000
Aug 20 13:53:37 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:1200:000d:274d:a6c0:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=9710 PROTO=TCP SPT=443 DPT=58538 SEQ=800977019 ACK=1754448095 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:37 kernel: DROP IN=eth0 OUT=br0 MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:86:dd SRC=2600:9000:21f7:b800:0018:4532:5280:93a1 DST=2a02:0c7f:d03a:5500:9090:30ca:f48e:f025 LEN=106 TC=0 HOPLIMIT=52 FLOWLBL=748605 PROTO=TCP SPT=443 DPT=58465 SEQ=2301177167 ACK=844297420 WINDOW=117 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
Aug 20 13:53:44 kernel: ACCEPT IN=br0 OUT=eth0 MAC=d4:5d:64:a4:6a:10:24:4b:fe:6e:0d:6b:86:dd SRC=2a02:0c7f:d03a:5500:cc90:8b1a:c249:ffdd DST=2a02:26f0:0137:0000:0000:0000:0215:4b18 LEN=72 TC=0 HOPLIMIT=63 FLOWLBL=254918 PROTO=TCP SPT=51005 DPT=443 SEQ=1533365052 ACK=0 WINDOW=64800 RES=0x00 SYN URGP=0 OPT (020405A00103030801010402)
Aug 20 13:53:46 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47938 PROTO=UDP SPT=9078 DPT=4944 LEN=124 MARK=0x8000000
Aug 20 13:53:48 kernel: DROP IN=eth0 OUT= MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:08:00 SRC=185.176.27.34 DST=90.206.58.122 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=36139 PROTO=TCP SPT=46910 DPT=8001 SEQ=2882709520 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Aug 20 13:53:56 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47939 PROTO=UDP SPT=9175 DPT=4944 LEN=124 MARK=0x8000000
Aug 20 13:53:57 kernel: DROP IN=eth0 OUT= MAC=d4:5d:64:a4:6a:10:0c:a4:02:46:a4:01:08:00 SRC=185.156.73.57 DST=90.206.58.122 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=17855 PROTO=TCP SPT=59609 DPT=55974 SEQ=889890147 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Aug 20 13:54:06 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47940 PROTO=UDP SPT=9281 DPT=4944 LEN=124 MARK=0x8000000
Aug 20 13:54:16 kernel: DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1d:aa:98:6f:7c:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TOS=0x00 PREC=0x00 TTL=254 ID=47941 PROTO=UDP SPT=9396 DPT=4944 LEN=124 MARK=0x8000000
The lost packets are typical for Wi-Fi and explain why a wired link performs better. These records only indicate communication between devices, not the identity of users. It’s more likely someone has direct access to a device on which you’ve enabled auto-login, knows your password, or could have guessed it. Consider these points:
1. Is there anyone living with you who can freely access your devices?
2. Do you leave your phone unlocked or accessible to others?
3. Do you share updated passwords with others (e.g., a shared Netflix account)?
4. Are your passwords based on personal details like birthdays or pets’ names?
5. Do you jot down passwords in a notebook or near the keyboard?
6. Do you use simple, common passwords like “password”?
If password struggles persist, tools like Wireshark can reveal which devices are communicating on your network.
I believed it was common, so I wasn’t too sure. I’m considering a malware infection on my iPhone, but there’s no way to verify it that I’m aware of. I mostly rely on my phone’s password generator, so most of my passwords are something like jfbduw-74nfh-7je6s. I never write down passwords and keep them secret. How could I check using Wireshark? I know a lot about PCs but networking hasn’t been my strongest area.
If you have something on your phone, I’d start by trying to locate it. For Apple devices, visit the store and ask them to help. With Android, there are many scanning apps similar to PC tools—just check reviews and search online beforehand. It’s been a while since I used Wireshark, so a YouTube tutorial might be more helpful. Good luck!
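
One way to sort router log entries like those in the original post into kinds before reading them one by one, as an added example that is not part of the thread. The sample lines are constructed (documentation addresses, trimmed to the fields the code reads), and the category names are this example's own.

```python
import ipaddress
import re
from collections import Counter

# Constructed lines in the router log's format (documentation addresses only).
SAMPLE = """\
Aug 20 13:52:58 kernel: DROP IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.9 LEN=40 TTL=250 PROTO=TCP SPT=47975 DPT=55006 ACK=0 WINDOW=1024 SYN URGP=0
Aug 20 13:53:01 kernel: DROP IN=eth0 OUT= SRC=203.0.113.8 DST=198.51.100.9 LEN=40 TTL=248 PROTO=TCP SPT=47190 DPT=80 ACK=0 WINDOW=1024 SYN URGP=0
Aug 20 13:53:06 kernel: DROP IN=eth0 OUT= SRC=0.0.0.0 DST=255.255.255.255 LEN=144 TTL=254 PROTO=UDP SPT=8728 DPT=4944 LEN=124
Aug 20 13:53:34 kernel: DROP IN=eth0 OUT=br0 SRC=2001:db8:1::a1 DST=2001:db8:2::25 LEN=106 PROTO=TCP SPT=443 DPT=58538 ACK=1754448095 WINDOW=117 ACK PSH URGP=0
Aug 20 13:53:44 kernel: ACCEPT IN=br0 OUT=eth0 SRC=2001:db8:2::dd DST=2001:db8:3::18 LEN=72 PROTO=TCP SPT=51005 DPT=443 ACK=0 WINDOW=64800 SYN URGP=0
"""

FIELD = re.compile(r"(\w+)=(\S*)")
TCP_FLAGS = {"SYN", "ACK", "PSH", "RST", "FIN", "URG"}

def parse(line):
    """Split one 'kernel: ACTION KEY=VALUE ... FLAGS' line into a dict."""
    body = line.split("kernel: ", 1)[1]
    entry = dict(FIELD.findall(body))
    entry["action"] = body.split()[0]
    entry["flags"] = TCP_FLAGS & set(body.split())  # bare tokens such as SYN
    return entry

def classify(e):
    if e["action"] != "DROP":
        return "allowed"
    if e["DST"] == "255.255.255.255" or ipaddress.ip_address(e["DST"]).is_multicast:
        return "broadcast/multicast"  # addressed to a group, not to one host
    if e.get("PROTO") == "TCP" and e["flags"] == {"SYN"} and e["OUT"] == "":
        return "unsolicited SYN"      # new inbound connection attempt to the router itself
    if e.get("PROTO") == "TCP" and "SYN" not in e["flags"]:
        return "stray TCP segment"    # typically a late packet for a closed connection
    return "other drop"

def summarize(text):
    """Count entries per kind and list (source, port) for each inbound SYN."""
    kinds, probes = Counter(), []
    for line in text.splitlines():
        if "kernel: " not in line:
            continue
        e = parse(line)
        kind = classify(e)
        kinds[kind] += 1
        if kind == "unsolicited SYN":
            probes.append((e["SRC"], int(e["DPT"])))
    return kinds, probes
```

Calling `summarize()` on a saved copy of the router log returns the per-kind counts and the list of sources and ports behind the dropped inbound SYNs.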