Routers Under Siege from Web-based Attacks
Our routers are once again in danger, but this time it seems that hackers have developed a browser-based attack to get into our equipment. This new threat works like this: cybercriminals infect certain websites or ads with malware which automatically gets into your router as soon as you've visited the specific links. Once inside, the malicious program attempts to switch the legitimate DNS servers configured in your router with rogue ones owned by the attackers. If successful, this will allow the hacker to intercept all your web traffic, inject the websites that you visit with ads, spoof websites (overlay fake ones) and male a lot of other nasty little tricks.
If you're wondering why this is so important, it's because these attacks occur at a very large scale and basically anybody could be a target without realizing it. Furthermore, unlike PC viruses which can be detected and deleted with a whole variety of tools, there are very few ways to know for sure if your router has been infected. And don't think that if your router isn't set up for remote management you are safe, because these attacks can easily bypass this security measure through a method called cross-site request forgery (CSRF). (In simple terms, this technique forces your browser to execute rogue actions dictated by the website, so the reprogramming seems to come from your own PC, not an outside source).
Unfortunately, protecting yourself from these attacks requires some time and technical skills and this is exactly what the attackers are banking on. To keep yourself safe you need to periodically check the manufacturer's website for firmware updates and install them as soon as they become available. Furthermore, if you're up for it and the router settings allow it, you should instruct the device to only accept configuration commands from an IP that doesn't actually exist on your network, but that you can manually assign to your PC whenever you need to.