Somewhere on my network there was a nasty little script running, that kept trying to SSH its way into random German IP addresses. Looking at the logs, it was a simple attempt, denial, and booted. Now, I had no idea where this could be coming from. None of my devices showed anything on any scans, and I have been trying to isolate what device could be doing this. It has been difficult to do so, as the script appears to only run itself once a week or so.
Unfortunately, it appears I took too long to isolate it, as it ran again night before last, and now I have been suspended from the Telus Network. I have formatted every device that I own, and factory reset my Gateway. Abuse has not responded to my email, and I have spent hours waiting on the phone just for them to not be able to reach the Abuse Team either. I just went through a chat session with an agent, and they, also, were not able to reach the Abuse Team. As there is no public number for that department, nor are agents allowed to give it, is there any solution? Or do I have to just keep calling, and hope that eventually they are able to reach them?
I really need my service restored, so I would love to know what steps to take here, nobody has been able to help me.
PS - using the "Ask A Question" link on the main neighborhood page takes you through a loop that only allows you to select French forum options. Every time you change to English it takes you back to the front page, and when you go "ask a question" its back to French.
I doubt Telus will be willing to restore your service if you cannot confirm that you've eliminated the virus/bot on your network. The router logs must have shown an IP address for the device making the requests. It's possible that a smart device or some other network device has been hacked and it's not a computer/tablet/phone.