Research at Indiana University brought into focus the fast pace and ease with which virus attacks could spread across Wi-Fi routers.

An excerpt from ZDNet:

The study focused on New York, Chicago, Seattle, Boston, San Francisco, and northern and southern Indiana. In these areas, only 20 percent to 41 percent of routers used WEP or WPA encryption. To gain access to the routers and simulate the spread of malware, the researches attempted to guess the password (many people don’t change the factory default) from a list of 65,000 words that are commonly used. It wasn’t all that difficult, as the results prove. The study concludes by noting that the increasing number of Wi-Fi-enabled components that will connect to routers makes the possibility of infection even more serious.

Use of proper authentication techniques (in this case, WPA over WEP) is definitely a sound strategy to deploy. While the above attacks were just proof-of-concept type, it’s a fact that with the proliferation of wireless networks, malware authors are sure to make an attempt.

An alarming fact is that most of the damage would be done within the first few days. The technique used by the researchers was based on the method used for tracking the spread of influenza.

More information:

Urban WiFi Routers at Risk (Dark Reading)

Viruses to infect Wi-Fi networks in 2008? (Tech)

Researchers Postulate Wi-Fi Router Virus (WiFi Net News)

WiFi flu: viral router attack could hit whole cities (Ars Technica)