Old 01-05-2017, 08:18 AM   #16
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,841

Rep: Reputation: 7308

Probably I would try to download an ISO (from "outside", using a safe line), and boot from that live CD. And from that system you may try to reset your router and upload an official firmware. But it is probably cheaper and faster to buy a new one.
 
Old 01-05-2017, 04:35 PM   #17
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,623

Rep: Reputation: 2695
Quote:
Originally Posted by sundialsvcs View Post
No, this guy obviously either has an open port leading to X-windows, or, more likely I think, he does have a malicious neighbor playing with Bluetooth. And, if his router has firewall capability, it is obviously turned off.
AND, thus the need for protections on the boxes INSIDE the network: placed before you first connect. If the enemy is already inside your network, the security on each node is your only remaining protection.
I wish some one of us with security experience lived close enough to track the worm down and throttle it. (Figure of speech folks. No actual throttling going on here.)
 
Old 01-06-2017, 02:50 AM   #18
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6053
considering your last post (esp. about other devices, people and even phones, having the same problem):

corbee, you should troubleshoot by taking the machine elsewhere, hooking it up to a different internet connection.


also:
Quote:
Originally Posted by Corbee View Post
I find that if I use Linux with systemd, he easily destroys my OS
really? another systemd hater?

sigh...

Last edited by ondoho; 01-07-2017 at 06:05 AM.
 
Old 01-06-2017, 10:23 PM   #19
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
Pete lq. I was going to say this! A harmful hacker tries to remain undetected as long as possible. However, best to be cautious.

I've experienced bluetooth hacking from a neighbour who was using it to turn on wifi in both Win10 and linuxmint. I had a really fun time with android bluetooth also being hacked on tablet and me installing LM 17.3 hacked .iso.

I'm in a bind & looking for info re a good bluetooth firewall as I use bluetooth to communicate with tablet, tv, mobile phone, laptop as I am hearing impaired.
 
Old 01-06-2017, 10:39 PM   #20
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
If your new Linux install seems to get pwned every time, you really need to throw the router away, as it is very likely that the routes and DNS on it are poisoned. You must have antagonized someone really that bad.

Not really, could be evil kids, people wanting a botnet setup, or free internet.

My neighbours are just a'holes. Hacked & abused my internet twice with $200 then $400 monthly bills. ISP didn't charge me thank god. Fortunately I got heaps of evidence & ISP & Aust Fed Police verified and dealt with them.

Unless OP's webcam has been hacked, my guess is a neighbour or their kids.
 
Old 01-06-2017, 10:42 PM   #21
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
Quote:
Originally Posted by sundialsvcs View Post
No, this guy obviously either has an open port leading to X-windows, or, more likely I think, he does have a malicious neighbor playing with Bluetooth. And, if his router has firewall capability, it is obviously turned off.
Or not secured as best as possible.
 
Old 01-06-2017, 10:53 PM   #22
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
Quote:
Originally Posted by wpeckham View Post
I wish some one of us with security experience lived close enough to track the worm down and throttle it. (Figure of speech folks. No actual throttling going on here.)
Know what you mean! Before I reverted to ADSL2 I tracked down two of the SSIDs I had identified on my laptop as the wifi hackers, e.g. screenshot of them trying to connect to my router etc. When strolling with my tablet, I would be repeatedly disconnected in front of their house with their SSID taking over. Police & ISP confirmed and acted.
 
Old 01-06-2017, 11:08 PM   #23
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
Afterthought: save data and, using a clean live CD, change all permissions and esp. use chmod -R -x * to render them non-executable. Then save them on clean media or better DVD.

Then make sure no rootkit is in mbr by "zeroing" ALL drives including your backup drive.

dd if=/dev/zero of=/dev/hda.

This writes zeroes all over drive hda. Can use /dev/urandom also.

Go grab a coffee, stop it, then format the drive. There is an option to specify size to be overwritten which I can't remember.

(man dd)?
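
Added example (not part of the thread): the two steps from post #23, run against constructed files instead of a real device. It assumes execute bits should be stripped from regular files only, because `chmod -R -x *` also clears the search bit on directories and skips dotfiles, and it uses dd's `bs=` and `count=` operands to bound how much is overwritten; function names and sample paths are hypothetical.

```shell
#!/bin/sh
# Added example: works on constructed files only, never on a real device.

# Strip execute bits from regular files only. Unlike `chmod -R -x *`, this
# keeps directories traversable and also reaches dotfiles, which `*` skips.
strip_exec() {
    find "$1" -type f -exec chmod a-x {} +
}

# Count regular files under $1 that still carry any execute bit.
count_exec_files() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) |
        wc -l | tr -d ' '
}

# Zero only the first 512-byte sector (MBR boot code and partition table).
# bs= and count= bound the write; conv=notrunc keeps an image file's length.
zero_mbr() {
    dd if=/dev/zero of="$1" bs=512 count=1 conv=notrunc 2>/dev/null
}

# Print the two boot-signature bytes at offset 510 as hex (55aa on an MBR).
boot_sig() {
    dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Build a constructed sample: a small data tree and a 4-sector disk image.
make_sample() {
    s=$(mktemp -d)
    mkdir -p "$s/data/docs"
    printf '#!/bin/sh\necho hi\n' > "$s/data/docs/run.sh"
    printf 'x' > "$s/data/.hidden"
    chmod 755 "$s/data/docs/run.sh" "$s/data/.hidden"
    dd if=/dev/urandom of="$s/disk.img" bs=512 count=4 2>/dev/null
    printf '\125\252' | dd of="$s/disk.img" bs=1 seek=510 conv=notrunc 2>/dev/null
    echo "$s"
}

d=$(make_sample)
strip_exec "$d/data"
zero_mbr "$d/disk.img"
echo "executable files left: $(count_exec_files "$d/data")"
echo "boot signature now:    $(boot_sig "$d/disk.img")"
rm -rf "$d"
```

Dropping `count=` from `zero_mbr` gives the whole-drive overwrite the post describes, which runs until the target is full.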
 
Old 01-07-2017, 09:15 PM   #24
Corbee
LQ Newbie
 
Registered: Jan 2017
Posts: 6

Original Poster
Rep: Reputation: Disabled
I'm back,
I checked my router, it was busted, or at least the logging stopped and date was changed to 2010. There was no available firmware update, so instead I did a hard reset and tried to harden against NetBIOS / LLMNR on my Linux, set os firewall to public, and so far the attack stopped, but I still feel vulnerable about the router. I had two modems at home, one for wifi, but my ISP connected them under the same line, therefore it's still capable of getting infected again, plus I get the feeling that this hacker is persistent. What's next? should I go for antivirus and anti-rootkits?

Also, how do you harden against MDNS, QUIC and SSDP? Or is there such?

Code:
chmod -R -x *
wouldn't this also affect the linux system and the apps I use?? I'll check the dd.

Quote:
really? another systemd hater?
I take back my word, I found that this distro also has systemd...

Quote:
No, this guy obviously either has an open port leading to X-windows, or, more likely I think, he does have a malicious neighbor playing with Bluetooth. And, if his router has firewall capability, it is obviously turned off.
I'm using a traditional desktop, it doesn't have bluetooth. As for the phones, mine wasn't enabled, one of my friends tried a factory reset and the phone was suddenly filled with adware, she was forced to replace it only for it to get infected again. I think he's more like a lunatic with sadistic intent than an evil child.
 
Old 01-08-2017, 03:28 PM   #25
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
"set os firewall to public" this is normally the default.

I'm not sure what you're saying re wireless LAN but I'd turn off wifi and actually remove the network as well, at least till you've got ethernet LAN tied down as securely as possible. Reason - Reaper and rainbow tables.

"plus I get the feeling that this hacker is persistent. What's next? should I go for antivirus and anti-rootkits?"

Why not? A rootkit on hard drive could explain the persistence issue. A trojan connecting with hacker.

"wouldn't this also affect the linux system and the apps I use?? I'll check the dd."

I did say DATA. Apps should be installed with new install. The aim is to remove rootkits in mbr, which is not affected by simply formatting.

"As for the phones, mine wasn't enabled, one of my friends tried a factory reset and the phone was suddenly filled with ..."

You also have to turn off scanning, discovery as well.

What if they reset it someplace away from where you live?

This does indeed sound like a psychopath is at work. They feel in control and find it amusing to hurt others.

Have all your neighbours contacted their ISP? Numerous complaints may bring action. It may also be an ISP network issue.
 
Old 01-09-2017, 11:47 PM   #26
Corbee
LQ Newbie
 
Registered: Jan 2017
Posts: 6

Original Poster
Rep: Reputation: Disabled
My router got wrecked again after entering the internet. Wireshark has been receiving gibberish search queries and network errors, this is scary.

By the way, thanks for your advice, you've all been a great help. I'm going to try out the rest of the solutions you've all shared. Wish me luck in saving my computer guys!
 
Old 01-15-2017, 07:33 PM   #27
rob.rice
Senior Member
 
Registered: Apr 2004
Distribution: slack what ever
Posts: 1,076

Rep: Reputation: 205
do you own or rent
If you rent don't rule out someone using the landlord's key
or a previous tenant using their key
I've had landlords that handed out keys to my apt like business cards
you could try using a thumb drive to boot the computer
put the thumb drive on your key chain so you don't leave home without it
 
  

