MAC address in use by another modem

redeye_uk

redeye_uk

redeye_uk

Associate
Joined
1 May 2007
Posts
1,901
Location
London
Basically early on saturday my virgin internet bugged out. Whenever I tried to browse the web I get a message "unable to authenticate modem". This is strange as i've been a virgin cable customer for ~10 years.

So I give them a call and go through the usual spiel, then they request my modem MAC address so they can escalate the the problem to tech support.

I get a call from tech support yesterday saying its a local fault with all cable modems in my area and that they are working to fix the problem. Ok, fair enough; the serivce has been faultless in the past so i decide to give them the benefit of the doubt.

Then comes today and I receive another phone call from tech support saying the MAC address I supplied in now in use by another modem and they need to send me a new modem. At this point im thinking WTF and double check they have the correct MAC address. They do.

Soooooo, am I right in thinking virgin have just recycled my MAC address and given it to another customer (probably new)? Im pretty unimpressed tbh, why is my modem being blocked and not the 'new' modem with my MAC address?....

/rant
 
Well probably not virgin but whoever provides them with the modems are who assign the MAC address.
 
Although virgin does have a history of recycling phone numbers without telling people :) so it's possible it was them. Not much you can do until you get your new one though :(
 
Well it probably wasnt them becase the MAC address is assinged by the NIC manufacturer so whoever provides them with OEM modems is at fault I imagine.
 
The modem is from 'back in the day' when we had 512Mb cable (~10 years), so the NIC manufacturer probably assumed it was no longer in use.

BUt you know what they say about assumptions! this being a case in point
 
When this happened to me it was discovered by the VM tech that when he was doing a remote diagnostic to check my connection issues, his check differed from what was shown on my modem log, which he said indicated another modem on the network with the same MAC. Turns out it was someone who somehow cloned my modem (which I had been using for many years, and old surfboard modem) to get access to cable internet without paying a penny. Anyway, they sent me a new modem and said that they are taking legal action against the person who cloned my modem. I've no idea how they managed to track the person who cloned my modem but I'm happy they did and that they are doing something about it.

This is not something that is VMs fault, and in my case it wasn't the modem makers fault either, it was a person trying to get free internet by using a hacked modem set up to use the same MAC address as my modem.
 
Quite simply someone has flashed your MAC to a hacked modem and was using that to obtain free internets. It's been going on for years. Gnerally though it doesn't result in this because, from what I have read (I live in a non cabled area) the user with the hacked modem would use it on another UBR so it doesn't get detected. Alas, this numpty is on the same UBR.
 
Dist said:
Turns out it was someone who somehow cloned my modem (which I had been using for many years, and old surfboard modem) to get access to cable internet without paying a penny.
Click to expand...

My modem is one of the old Motorola Surfboard jobby's :) Served me well over the years.

Kol said:
Quite simply someone has flashed your MAC to a hacked modem and was using that to obtain free internets. It's been going on for years. Gnerally though it doesn't result in this because, from what I have read (I live in a non cabled area) the user with the hacked modem would use it on another UBR so it doesn't get detected. Alas, this numpty is on the same UBR.
Click to expand...

So someone has cloned my MAC/modem, fair enough. Does this mean they had to gain physical access to my modem to do this or have I just been unlucky?
 
redeye_uk said:
My modem is one of the old Motorola Surfboard jobby's :) Served me well over the years.



So someone has cloned my MAC/modem, fair enough. Does this mean they had to gain physical access to my modem to do this or have I just been unlucky?
Click to expand...

Just been unlucky. All they do is a scan on the UBR which will display the mac address of those connected to it. They haven't physically done anything to you or your modem, just taken you mac address from the scan, applied it to a hacked modem and then that allows it to gain an IP and access to to the internet, so nothing for you to worry about.
 
Yeah it does sound like someone cloned your modem, I've read on the net that it's a bigger problem than they're letting on, though I really can't give any indication as to whether that's true or not. I hope they can track them down and sort it out though, these people make my bills more expensive!
 
alexhull24 said:
Yeah it does sound like someone cloned your modem, I've read on the net that it's a bigger problem than they're letting on, though I really can't give any indication as to whether that's true or not. I hope they can track them down and sort it out though, these people make my bills more expensive!
Click to expand...

I think it is, indeed. The problem they face is I don't think they are able to specifically narrow it down to the house it is being used, probably only the area / green cab on the street.

I suppose what they could do is keep that MAC address live, allow the cloned modem to keep using it but 'snoop' on the personal info they give on websites. If they're stupid enough to get it noticed by using it in the same area as the victims MAC then I'm sure they're stupid enough to use personal websites.
 
Kol said:
I think it is, indeed. The problem they face is I don't think they are able to specifically narrow it down to the house it is being used, probably only the area / green cab on the street.

I suppose what they could do is keep that MAC address live, allow the cloned modem to keep using it but 'snoop' on the personal info they give on websites. If they're stupid enough to get it noticed by using it in the same area as the victims MAC then I'm sure they're stupid enough to use personal websites.
Click to expand...

Well really the solution is to restrict the MAC to the correct UBR for the address of their customer. You have to tell them your MAC of the modem for them to allow it access to the system in the first place, so they know who has what MAC. You can't have the same MAC on the same UBR, so any cloning then would be a lot more difficult or even impossible.
 
sorry guys, whats a UBR?

I live in a fairly small village so does this mean there is a high chance the perpetrator lives near me?
 
UBR is Universal Broadband Router, but it's basically the device local to use that you are connected to.

I would say that the initial "perp" needs to be in your area to have been able to sniff your MAC address on the wire in the first place, but with the wonderful world of the internet he may have passed that on to someone else who has now cloned it.
 
You must log in or register to reply here.
Back
Top Bottom