4 Replies Latest reply on Aug 29, 2017 11:38 AM by goat

    McAfee Mobile Security on Android reports Wi-Fi under attack, SSL split

    goat

      Hi,

       

      At home (Australian suburbia) we have a modem and wi-fi setup which we access with our laptops, Android phones and google chromecast.

       

      I used WPA to secure the network.

       

      I run McAfee mobile security on my Android phone, courtesy of LG Smartworld that came with it.

       

      2 days ago we added a new mobile and installed McAfee security via the LG Smartworld app, though later I saw it was an older version of McAfee than on my phone above.

       

      Today McAfee started reporting on my phone in a big red alert that Wi-Fi under attack, Hacker intercepting traffic, and something about SSL split.  It recommended I allow them to bar the network.  The newer phone did not report this.  I looked at its version number and realised it is older, not sure why it didn't update automatically, went to google playstore, found it, updated it, and straight away it reported the same error.

       

      I googled and googled and there is very little about this fairly catastrophic sounding event (potentially means all my bank accounts and computers have been hacked and I can't use the internet at home anymore).  I did find this thread on the forum:

       

      Warning about hacker catching data on Wlan

       

      But it didn't really explain why it was happening or how to tell if it's for real.

       

      I have followed some of the advice on there, here is what I did, noting that I suspect everything could be compromised if I've already had my complete network taken over.

       

      - changed the admin password on my modem

      - changed the password at my ISP (I did this from the newer phone, using 4G rather than being on the Wi-Fi, trying to add some

      - changed the name of my network

      - changed from WPA to WPA2 and changed the PSK string (password) and used many characters

      - rebooted model, computers, phones

      - reconnected to wifi using new network details

       

      Immediately my phone reported the same error.  I've said ignore it and remember my answer.

       

      - reconnected google chromecast

      - phone complained about that in a similar way

       

      Does this all seem like a major false alarm.  The thread quoted about suggested a FAQ would be produced but I couldn't find one.  If it is a real attack all my efforts could be wasted if my network and computers are completely owned, maybe all my keystrokes and screen activity is logged.  But I doubt it.  And without being an expert I suspect a hacker would need to be manually copying or intercepting what I'm doing which seems unlikely to be occurring in real time.

       

      Advice?  And is there info out there that could've assured me?  And if this is a false alarm, why is it happening?

       

      P.S. Having real trouble with the "In a Place" thing below, wasn't sure where to put this, most options in Groups were greyed out, and when I tried to change it spat it with an invalid tokem and invalid password error.