June 2, 2014 - "... Broadband routers humming away peacefully in attics and home offices have become the latest targets of sophisticated cyber criminal groups... In March, the security consultancy Team Cymru warned* that hackers had compromised some 300,000 small- and home-office broadband routers made by firms D-Link, Micronet, Tenda, and TP-Link, among others. That attack followed a similar incident in which compromised home routers were used in attacks on online banking customers in Poland and the appearance, in February, of a virus dubbed "The Moon"** which spreads between Linksys E-Series home routers, exploiting an authentication bypass vulnerability in the systems. Worse, these attacks relied on the same set of problems common to embedded systems: poor (or "commodity") engineering, insecure default settings, the use of hard-coded (permanent) "backdoor" accounts, and a lack of sophistication on the part of device owners, Team Cymru reported... When security is absent from the design of the device, there are few options for securing it after the fact, short of replacing the hardware and software entirely... with so many legacy systems that are so lacking in basic security features, the risk of compromise is always there..."
"... a worm that was spreading between Linksys routers. What’s unusual about the worm, which has been dubbed “The Moon”, is that it doesn’t infect computers. In fact, it never gets as far as your computer. And that means up-to-date anti-virus software running on your computer isn’t going to stop it. The worm never reaches a device which has anti-virus protection running on it..."
I.e., see firmware updates: http://support.linksys.com/en-us/support/routers/EA6900
And this: http://isc.sans.org/diary.html?storyid=4282
... an old post, but it still applies
June 17, 2014 - "... Cisco has recently seen a spike in brute-force attempts to access networking devices configured for SNMP using the standard ports (UDP ports 161 and 162). Attacks we’ve observed have been going after well known SNMP community strings and are focused on network edge devices... While there’s nothing new about brute-force attacks against network devices, in light of these recent findings, customers may want to revisit their SNMP configurations and ensure they follow security best practices, including using strong passwords and community strings and using ACLs to restrict access to trusted network management endpoints..."
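One way to check a device configuration against the advice quoted above (added example, not part of the quoted Cisco post): a small Python audit of IOS-style `snmp-server community` lines that flags well-known or short community strings and entries with no ACL attached. The well-known list, the 12-character minimum and the sample configuration are assumptions constructed for illustration.

```python
import re

# Community strings commonly left at defaults (assumed list, extend for your estate).
WELL_KNOWN = {"public", "private", "cisco", "admin", "community", "snmp"}

# IOS form: snmp-server community <string> [view <name>] [ro|rw] [ipv6 <acl>] [<acl>]
LINE_RE = re.compile(r"^\s*snmp-server\s+community\s+(\S+)(.*)$", re.IGNORECASE)


def referenced_acl(tokens):
    """Return the ACL name/number attached to a community line, or None."""
    acl, i = None, 0
    while i < len(tokens):
        tok = tokens[i].lower()
        if tok == "view":                      # skip the view name that follows
            i += 2
            continue
        if tok == "ipv6" and i + 1 < len(tokens):
            acl = tokens[i + 1]
            i += 2
            continue
        if tok not in ("ro", "rw"):            # anything else is the ACL reference
            acl = tokens[i]
        i += 1
    return acl


def audit_snmp(config_text, min_length=12):
    """Return a list of (line_number, issue) for weak SNMP community settings."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            continue
        community, tokens = m.group(1), m.group(2).split()
        if community.lower() in WELL_KNOWN:
            findings.append((lineno, "well-known-community"))
        elif len(community) < min_length:
            findings.append((lineno, "short-community"))
        # Only checks that an ACL is referenced, not what that ACL permits.
        if referenced_acl(tokens) is None:
            findings.append((lineno, "no-acl"))
    return findings


# Constructed sample configuration, not taken from any real device.
SAMPLE_CONFIG = """hostname edge-rtr-01
snmp-server community public RO
snmp-server community private RW 10
snmp-server community k7Qz-Vm2p!xR9tLw view MGMT RO SNMP-MGMT
snmp-server location attic
access-list 10 permit 192.0.2.10
"""

if __name__ == "__main__":
    for lineno, issue in audit_snmp(SAMPLE_CONFIG):
        print(f"line {lineno}: {issue}")
```

A clean result only means every community line names an ACL; the ACL itself still has to be reviewed to confirm it permits trusted management endpoints only.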