The only virus I've heard of that targets home routers does a brute force password attack, so put a strong username/pw on your router admin setting, and disable remote Web/SSH/Telnet config of router (should be off by default anyway) if you're worried about a virus attacking it.
If the router is a full computer in terms of a standard HDD, motherboard, CPU, and RAM, then yes it's very easy for it to 'catch' a virus. But if it's one of the more specialized homebased solutions (the 'blackbox' routers), then no it's hard as hell to infect it with a virus, other than to spoof yourself as a reliable firmware source (which you implant a virus or backdoor on the firmware to change the settings at will). Viruses themselves require you as a user to accept them in some form or another (either by clicking OK/YES/AFFIRMATIVE) to activate the payload, they themselves cannot inherently activate without that initial acceptance. That doesn't mean there's no flaws in OS or firmware, but it means that it's harder for a virus author to develop their payloads for them. It's easier to make you do the work than rely on mature software developments to have a slip up on an upgrade or revision.
Comments
The only virus I've heard of that targets home routers does a brute force password attack, so put a strong username/pw on your router admin setting, and disable remote Web/SSH/Telnet config of router (should be off by default anyway) if you're worried about a virus attacking it.
If the router is a full computer in terms of a standard HDD, motherboard, CPU, and RAM, then yes it's very easy for it to 'catch' a virus. But if it's one of the more specialized homebased solutions (the 'blackbox' routers), then no it's hard as hell to infect it with a virus, other than to spoof yourself as a reliable firmware source (which you implant a virus or backdoor on the firmware to change the settings at will). Viruses themselves require you as a user to accept them in some form or another (either by clicking OK/YES/AFFIRMATIVE) to activate the payload, they themselves cannot inherently activate without that initial acceptance. That doesn't mean there's no flaws in OS or firmware, but it means that it's harder for a virus author to develop their payloads for them. It's easier to make you do the work than rely on mature software developments to have a slip up on an upgrade or revision.