Guys. Urgh.
I was supposed to work on the DEV weekend challenge. I was setting up a local webserver to test things out, and needed to forward a port. I log in to the admin panel of my router.
And what do I see there?
A ******** phone connected to my router. And it's been here for a month. And it's named "Evil Little Woodpecker", which is a SUPER WEIRD NAME if you ask me.
I freak out a bit, like anyone would, I think. The phone cannot be pinged from a PC, but neither can mine. I know basically nothing about cybersecurity, it's really not my domain, so excuse any non-expert language in this post, and please teach me things in the comments.
Phase 1: Diagnosis
I start monitoring all the packages that are transitting through my internet box, and that goddamn phone is not sending a single package, so either it's obfuscating its package info (?) or it's just listening. But if it's just spoofing my packages, why is it showing as connected while when I do it, my machine doesn't?
I tried using my phone to triangulate the unwelcome bird using the RSSI. Either it was approximately in my bedroom, or it was upstairs in my neighbors' flat. But how did they get the password? Did they manage to trigger the WPA authentication remotely? Did they sneak in while I was emptying the trashcan?
Of course, I could've kicked the phone at any moment, but at this point I just wanted to know what was going on. I tried to ping it again, from my router this time. Nothing. But pinging my phone works, so the thing is purposefully blocking pings. The hypothesis of a malicious agent gets more and more likely, and I'm sweating buckets.
And then, not even a minute after I tried to ping it, the phone disappears.
Phase 2: Panic
My dear guys and gals and all in between, when I say that I was ready to go back to the stone age and run a silex knife through the heart of every single working device in my house, I mean it.
I changed every single password I could think about and deactivated WPA. I cancelled all plans to open any port for even a local test server. I kinda wanted to cry.
In a last ditch effort to restore a semblance of normalcy, I send a message to a friend that came over earlier in the day (even though the device was connected since last month). Funnily enough, they had almost exactly the same phone model than the intruder, but it was not named "Evil Little Woodpecker" and, they assured me, they never connected to my WiFi.
And then, another friend joined the call. "Evil Little Woodpecker?" they said. "That sounds like something T. would name his phone."
My first friend chimed in. "Didn't T. and B. came over last month?" Sure, they did.
Phase 3: Relief and Disbelief
I slammed the metaphorical door of the vocal chan open. "T., I said. I'm seeking damages for what you did to my psyche tonight."
T. did find that funny, but that's because we weren't in the same room.
Yeah, long story short, T. did come over exactly on the date the strange phone first connected to the router, and his phone is named Evil Little Woodpecker, which is still extremely weird, although it's now on the funny side of weird because it's not someone trying to man-in-the-middle me.
And my box just decided that it liked it. My box liked Evil Little Woodpecker. It gave it a special spot in its heart and never realized it was long gone, even as I refreshed the panel every five seconds. Only when I tried to ping the bird did it manage to update its status.
All of that for naught.
I hope at least you'll find it a bit funny. I know my colleagues are going to laugh at me, but I don't really care because I'm very relieved.
So yeah, sorry, Ms. Honey. I did do my homework, but an Evil Little Woodpecker ate it.
— Kat
Did you find that story funny? Yeah? Did you laugh at my misery? Do you think that makes you a good human being? Anyway, good and bad people are welcome to follow me on Substack for more content!
Cover picture by Łukasz Rawa on Unsplash
Top comments (0)