The exploit was discovered by a security researcher that goes by the name Kafeine and he claims that a number of popular home and SMB routers are affected including Netgear, Asus, D-Link and Linksys. The exploit is already in the wild with multiple malicious DNS servers spotted (and getting active hits). What is even more interesting is that there are patches for this vulnerability out there, but no one seems to be updating them.

The number of flaw in the current DNS system are pretty large and allow for people to do some pretty interesting things to the traffic we send and receive on the internet. A computer does not really know where it is going on the internet until DNS tells it by giving it the target IP address. This is why DNS hijacking is very concerning. We have seen a trend over the last couple of years where the hardware that controls traffic is being attacked rather than the individual systems. This type of attack allows for greater effect and as updates are typically not performed on a routine basis an exploit is likely to stay in place for much longer than one on a PC, Mac, or phone.

We highly recommend updating the firmware on your home router as new ones become available in the same way you would update your computer. This will be even more important as we see this type of exploit continue to grow.