Hi guys,
So I have a bit of a potential problem that I thought I'd bounce off a few more heads than my own, here's the story:
At a previous employer I had to work from home for 1 day and so I took a company laptop home and did so. A few weeks later, I saw that my main laptop in "Device Manager", under "Software devices" there were two additional devices. Both of them were hidden, so I had to enable hidden devices in order to see them. The one name was the name I expected from the work laptop I brought home, the other was strange and referenced a reptile.
Now my first thought was that the laptop I brought home had media sharing enabled and so there must have been UPnP which installed this on my main laptop.
The more I thought about it, and given that I do not trust this company at all any more, I started wondering if this was more than an innocent UPnP media sharing.
Then I checked this device manager a few days ago and the two devices are now gone (even with hidden devices displayed). All references to them which used to exist in the registry have also gone.
The only change I made between them being there and disappearing was changing router. That being said, I had a printer which was there and not added again on the new router and it didn't disappear so I don't think that explains it.
I have since disabled UPnP on my laptop (in services) as well as SSDP but I am worried that this employer used me adding thier laptop to my home network to gain unauthorized access to my home laptop. On the new router there is a new SSID, higher encryption (WPA2) and obviously a new password so they couldn't get onto the wifi network (if they got in range of course).
What do you guys think? Could this be a UPnP hack? Is there a specialist in the CT area that anyone can recommend for me to take this laptop to get it properly checked? With the devices gone I'm worried I may have lost all evidence (if this was an intrusion).
Thanks for the read
So I have a bit of a potential problem that I thought I'd bounce off a few more heads than my own, here's the story:
At a previous employer I had to work from home for 1 day and so I took a company laptop home and did so. A few weeks later, I saw that my main laptop in "Device Manager", under "Software devices" there were two additional devices. Both of them were hidden, so I had to enable hidden devices in order to see them. The one name was the name I expected from the work laptop I brought home, the other was strange and referenced a reptile.
Now my first thought was that the laptop I brought home had media sharing enabled and so there must have been UPnP which installed this on my main laptop.
The more I thought about it, and given that I do not trust this company at all any more, I started wondering if this was more than an innocent UPnP media sharing.
Then I checked this device manager a few days ago and the two devices are now gone (even with hidden devices displayed). All references to them which used to exist in the registry have also gone.
The only change I made between them being there and disappearing was changing router. That being said, I had a printer which was there and not added again on the new router and it didn't disappear so I don't think that explains it.
I have since disabled UPnP on my laptop (in services) as well as SSDP but I am worried that this employer used me adding thier laptop to my home network to gain unauthorized access to my home laptop. On the new router there is a new SSID, higher encryption (WPA2) and obviously a new password so they couldn't get onto the wifi network (if they got in range of course).
What do you guys think? Could this be a UPnP hack? Is there a specialist in the CT area that anyone can recommend for me to take this laptop to get it properly checked? With the devices gone I'm worried I may have lost all evidence (if this was an intrusion).
Thanks for the read
Last edited:
