The change in DNS effectively allows a hacker to divert all Internet traffic passing through the router.
Senior Principal Researcher at Symantec, Zulfikar “Zully” Ramzan, said he’s been able to get the proof-of-concept code to work on Linksys, D-Link, and Netgear routers, and that one can easily create a single Web site to be able to attack all routers.
Ramzan said that all kinds of home routers are susceptible to the attack – only if their default router passwords haven’t been changed.
One of the reasons why people don’t change router passwords, according to Ramzan, is that typically router set-up steps do not prompt users to change passwords. As such, many people end up never properly configuring their networking gear at all.
While this research was first published in Dec 2006, Symantec has publicized the findings only as of yesterday.