BT Hub Hijacked

Firmware version:v0.43.01.15019-BT
A year ago I subscribed with Norton Security for 3 years which I have used for many years.

It recently was upgraded to Norton 360.

On executing a system scan, it said my router had been hijacked.

I wondered whether this was an error with the new version or it had really been hijacked.

From the command prompt I executed: ipconfig /flushdns

I unplugged the router but Norton is still saying my router is hijacked.

I thought about setting up a VPN of which there are many.

Easiest for me would be either BTGuard or to add VPN to my Norton subscription for which I already have accounts.

Neither of these do well in reviews with NORDVPN and Proton VPN coming top. However both of these require accounts to be set up.

WE have 3 laptops, a mobile phone & a canon ptr using the Internet.

I retired from system design & programming about 15 years ago and things have changed a lot in that time!

Is there a way I can tell if my router really has been hijacked?

All help gratefully appreciated.

I suppose you can swap the router with a known good router (even if you have to borrow one).

Then if Norton 360 gives you the same message you might wonder if there are scare tactics trying to get you to upgrade to more expensive software.

However if these are vulnerability scans I think they just attack a list of URLs on the default gateway to see if certain scripts are installed that are either of a version with missing patches and exploits available, or scripts that are only thought to exist if the router has already been compromised.

Normally people would start by backing up their router config, making a note of the connection settings for their ISP, and then resetting the router to defaults.

If necessary find out how to reload the current firmware or the latest firmware update to see if the messages persist.

Another possibility might be that BT's Parental Controls and/or other features like BT Web Protect are actively interfering with diagnostics Norton is using to determine its opinion of the connectivity.

Try disabling any security/filtering features on the HH, leaving the inbound firewall active as that should be fine.

Incidentally, BT apparently offer Norton branded as "BT Virus Protect". https://www.bt.com/help/security/anti-virus-software...

The last time I had the misfortune to spend my own money on a Norton product was around 2006/7. Never again 😎

Generic advice for any connection/router: if you suspect intrusion/compromise, re-flash your router with known/good firmware from official source. Lock it down with with fresh password(s) that are complex and not default or that you've used previously. Turn on off/block unused services on the device. The smaller the attack surface it presents to the outside world the better.