Caught
I found I had this at home last night. DNS of the ADSL modem router set to those in the article. I found it because an internet device (not a computer or a mobile) had stopped working over the weekend.
It's a D-Link router, not on the vulnerable list. No Windows PCs on the network., only Macs, an iPhone (not mine!) and a PS3. Router password was not the manufacturer's. Scary.
So how did this happen? A malicious javascript? And what should I do now, besides resetting the router's DNS and changing passwords for everything useful which might have been accessed with the router on the bad settings, and the router itself? The Macs are set to use specified DNS servers, not the router.
Most worrying, the web interface of the router, which is about 2 years old, does not allow altering Remote Management. Time to get a new router? Any recommendations for a SOHO ADSL modem router which comes with remote management turned off out of the box?