I have two routers--one is the gateway from ATT, and then I'm using another router as a repeater bridge in the other room. Last night, my gateway turned off because my alarm started beeping as it does when there is no phone connection. Eventually, it was able to reconnect. However, my bridge was unresponsive and showed an error. I then checked to see what the logs said, but the bridge was not reachable--it turns out I had been assigned an address of 169.254.14.240, which is not a default or something I assigned. So I find this very interesting. The router, bridge, and pc remain suspect, and I'm curious as to what you guys would check, assuming the worst. I am not anyone special, so I cannot imagine being targeted by a three-letter organization. However, I consider myself a cryptography enthusiast and activist. I plan to dump the firmware into a bin and hash it against stock, but I imagine there's far more to be done. I'm more curious than anything and want to be as thorough as possible. It is not a possibility to trash these items, though that may be what helps me sleep easy.
Under certain conditions hardware that fails to connect via an established domain/network may reset itself to a local / non-routable IP, like the one you mention. I leave the conspiracy theory to others and I would simply lean towards a NET/hardware event that cause the device to reset to locahost.
169.254... addresses are APIPAs. The bridge might do that when it can't connect. Not sure what the deal is with the gateway. Automatic firmware update maybe? Overheating? Who knows. However, keep in mind you needn't be getting TLA attention to attract router attacks. There are LOT of attacks against commodity router firmware, since it rarely gets updated. Personally I use an old laptop for my gateway, running a router/firewall Linux or BSD distro.
169.254.0.0/16 are RFC 3927 addresses. For example, booting systems that are configured for DHCP but can't locate a DHCP server may auto-configure with an RFC 3927 address.
169.254.14.240 is a normal, default, non-routable IP address when DHCP can't be grabbed. I see it 1000 times a week. Nothing to worry about.
