Serious security failings in home routers are getting more attention from both attackers and researchers.
In recent weeks, attacks have been mounted on Linksys and Asus routers via loopholes that thieves could exploit.
In Poland, reports suggest one gang has successfully adjusted router settings in a bid to steal cash.
A separate study found many of the routers sold online have bugs that attackers could easily exploit.
This week the Internet Storm Center (ISC) warned about a continuing attempt to exploit a vulnerability in 23 separate models of Linksys routers.
The virus, a self-replicating program or worm called The Moon, takes control of the router and then uses it to scan for other vulnerable systems.
So far, wrote ISC researcher Johannes Ullrich, it is not clear why the routers are being compromised and what might be done with them. There are hints in the exploit code that the routers will at some point be gathered together into a network of compromised machines, he said in a blogpost. Currently, he added, all the worm was doing was spreading to other Linksys routers.
Linksys has also published technical advice about how to update the core software for vulnerable routers and how to turn off the remote management feature.
Online bank login screen Polish cyberthieves targeted home routers to aid bank thefts
Earlier this month, many users of Asus routers who remotely connect via the gadget to hard drives in their homes, perhaps to watch DVDs they have ripped, found that someone had used the same feature to upload a text file urging them to do more to make the device safe.