I’d like to call attention to some news articles, and a recent announcement by Linksys, which manufactures a widely-adopted line of home wifi routers. If your home router is made by Linksys, please refer to the company’s website, support FAQ, and their technical article, linked below, for information on an ongoing security problem which can, under adverse conditions, allow an Internet worm, being referred to in the media as the “Moon malware,” to gain control of several models of Linksys router.
If infected, home users’ traffic is redirected through a hostile DNS server (meaning affected households could be re-routed to fake banking or social media login pages, and passwords stolen, for example), and the worm uses the home customers’ Internet connection to spread itself, hogging bandwidth and slowing Internet service.
PC World has reported on the exploit, with some background info and the warning that there could be more affected models than the list already published.
Linksys has published a technical article with links to instructions on disabling the Remote Administration feature and updating the firmware, however it should be noted that there’s no official list (yet) of all vulnerable router models, nor is there a current published firmware update that Linksys has yet released to directly address this vulnerability. The official patch is still pending.