Skip to main content

    Support

    Offers

U
user_uyogbe
1st Topic

4 Messages

Tuesday, April 1st, 2025 1:08 PM

Need help with compromised public IP Address

I spent 5 hours on the phone with various departments yesterday and while I finally did get someone who did some out of the box thinking, it did not ultimately solve the problem.  I need to get a hold of some kind of actual person in xfinity that can release the IP I have assigned to me through xfinity.

My home network is being remotely scanned and ports attacked by a botnet in Europe. I think this started slowly weeks ago, but has ramped up as it is affecting my internet speeds and causing my internal machines to have their windows account locked up due to constant login failures.

I understand my public IP address is assigned by DHCP and it's all handled automatically. But there must be SOME solution to this issue other than having to CANCEL my xfinity account, wait a day and opening up a new one to get a new public IP Address assigned to my account.

No, it's not assigned to my netgear modem - I swapped it out with a different modem (and back again) and my assigned public IP never changed (so MAC Address change).

I tried changing the MAC Address on the WAN port on my router too, but for some reason, a tech could never get me internet connected again after that (which I don't understand).

Additionally, I checked - none of the computers in my network are showing as being compromised and connecting out to any kind of bot net master machine.

Surely there is SOME protocol that exists to help your residential customers who are being attacked by botnets or the like and if there are NOT any, then it's a serious flaw in your operations that need to be addressed. 

What are my options here, other than to cancel and order a new account or "just live with it until you get a new public ip assigned."?

Question

 • 

Updated 

12 days ago

21

1

0

XfinityChristy

Official Employee

 • 

1.9K Messages

19 days ago

Oh my goodness, user_uyogbe, thank you for reaching out via our Xfinity Community Forums about this concern. I can only imagine how incredibly frustrating and stressful this must be. Five hours on the phone and still no resolution? That's just not right, and I'm so sorry you've had to go through that. I truly feel for you. You've clearly done a lot of troubleshooting, and you understand your network really well – that's impressive, and it makes it even more frustrating that we haven't been able to help you properly so far. Honestly, "just live with it" is not an answer anyone should have to accept, especially when it comes to something as serious as a botnet attack. We absolutely need to do better, and I'm going to make sure your experience is used to improve our processes.

 

 

In this particular situation, the best thing we can do is get our Customer Security Assurance (CSA) team involved. They're the experts when it comes to dealing with these kinds of security threats. They have specialized tools and knowledge, and they can really dig into what's happening. You can reach them directly through this link: https://internetsecurity.xfinity.com/help/report-abuse/ or by calling their toll-free number: 1-888-565-4329.

Please, reach out to them as soon as you can. They'll be able to give you the dedicated support you need. I'm going to make a note of this situation on my end, and I'll follow up with you to make sure you're getting the help you need from them. I'm here to support you through this, and I want to make sure we get this resolved for you. Are you able to reach out to them today? I would like to follow up with you later this afternoon to make sure this issue is being resolved. 

4

0

user_uyogbe

4 Messages

@XfinityChristy​ 

I guess I forgot to find a better user name, that was assigned to me LOL sorry.

Yes, I am a network engineer in my real life profession and have been for nearly 30 years. I do know my network very well and I understand the problem very clearly and how to fix it.

I did talk to the CSA team yesterday and they pushed me through to the Advanced Internet team who all told me the same thing as the level 1 techs I initially worked with. "This is a problem with your netgear modem or netgear router." I only talked to 1 guy yesterday who understood, it was not a problem with "my" equipment.  I do not pay netgear a monthly fee to obtain Internet access, I pay you guys to "rent" a public IP Address so I can connect to the Internet.  *Shakes my head* Even your CSA and Internet team seem to think that the netgear is the problem. 

See your people all seem to think that Netgear needs to walk me through releasing the ip from my equipment. I did this on my own the other day and just like with the modem swap, I got the same compromised IP back again. But your people are stuck on that.  You guys control the public IP I have and for how long I have to have it.

Because they do not understand botnets.  I am sure you do have some engineers there or a few people with experience who do, but they ALL told me the same thing - no one can release your IP Address. 

I'm not really prepared to call back for another 5 hours today. I find that...daunting. But I will call them back today and give it another go. I have to wait until after 1 pm CST to call them back, my real job has me tied up until then.

Like

Reply

19 days ago

0

XfinityChristy

Official Employee

 • 

1.9K Messages

I really appreciate you staying in contact with our security team. I'm so sorry they haven't been able to find a solution for you yet. Honestly, I wish I had a magic fix for this, but I don't. I'm not going to pretend I know the technical ins and outs of this situation like they do. To get a better understanding of what's been happening, and to see if there's anything I can do to help from my end, would you mind sending me a direct message with your name and address? That way, I can review the notes from your interactions with the security team and get a clearer picture of the situation. I want to be sure you are getting the best support possible.

 

To send a "Direct Message" message:

Click "Sign In" if necessary

Click the "Direct Messaging" icon at the top of the page (it looks like a text bubble)

Click the "New message" (pencil and paper) icon

Type "Xfinity Support" in the "To:" line and select "Xfinity Support" from the drop-down list that appears. The "Xfinity Support" graphic replaces the "To:" line

Type your message in the text area near the bottom of the window

Press Enter to send it

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick
I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Like

Reply

19 days ago

0

user_uyogbe

4 Messages

@XfinityChristy​ 

I know it's all above your paygrade and you're here to just provide comfort and support and ensure that leadership teams are made aware of customer issues that slip through the cracks or just get lost in the thousands of calls your agents have to regularly field.

So I appreciate you and your job here.

I will DM shortly.

Like

Reply

19 days ago

0

user_uyogbe

4 Messages

It is unfortunate - but no one in the this giant company can help. The answers are "Trade in your equipment and pay us more money" or "go buy a new modem" - Both answers of which are inadequate and unacceptable. The fact there is *NO* department which can help a customer under a ddos attack and having issues with people trying to hack their home network is laughable. Your people in charge, whoever designed the system, your engineers, should be fired for gross incompetence. 

This should *NOT* be an impossible task. and I know it's not, I could do it in 5 minutes and solve it. 

The real worst thing is the fact that I have no recourse. I mean, I work from home, I can't permanently cancel my internet or I would, but there are no other high speed offerings in my area. I'm not blaming any of you support people, this is just why big companies like this need to be broken up into smaller ones that have to pay attention to their customers.

But I wanted to update anyone who runs into the same problem as I have - you're hosed.

So good luck.

Like

Reply

12 days ago

0

forum icon

New to the Community?

Start Here