An increasingly common tactic used by criminals is to replace the DNS settings on routers with the addresses of their own malicious DNS servers. This in turn allows them to redirect unwitting users to fake websites - making it possible to steal online banking details and other personal information.
Previously, the worst 'attack' by a hacker might have been (for example) a reset of your router - frustrating but not very serious.
The recent attack on Mexican 2Wire router users was carried out via spam emails and exploited a URI injection vulnerability to gain access to the routers.
To minimise the chance of being attacked in this way:
- Set a decent admin password for your router - at least 8 characters and ideally using random characters rather than real words.
- Disable as much WAN-side access as you can (using the 'Access Control' in Class II routers). Only enable WAN-side services if you have to.
- Consider setting up DNS details on the PCs connected to your router so that the PCs do not rely on the router for DNS resolution.
- Verify security certificates for any important websites you visit.
- Avoid opening spam and visiting dodgy websites.
http://www.theregister.co.uk/2008/01/23 ... n_the_wild
http://blogs.computerworld.com/beware_y ... y_pharmers