And that's where, all too often, the Trojan gets home free -- as we've noted all too often here, many of those off-the-shelf home wireless routers are set up and set to running without the user changing the factory-established default password and username.
Once it finds a vulnerable router, your network and your network traffic are compromised.
According to researchers at Secure Computing, the company that reported the new Trojan, which appears to be a codec necessary for some online video content, re-sets the router's settings, re-routing you through the bad guys' servers.
As this is considered to be the first threatware taking direct aim at routers, it's early days yet to say what else its creators may come up with for it to do -- and do to you.
Bad stuff -- and another good reminder to include routers in your regular password-change and security-review policy, and to tighten up and toughen up those policies as you do so.
And to start doing so now.