Well... It does not have to be a concentrated effort of the attacker. Because of spread vulnerabilities the bad guys can scan a range of addresses and attack all the vulnerable devices. It is usually completely automated. It is a actually a pretty BIG problem with ton of devices being exploited.
In the best case you end up having a slow connection because the CPU of the router is use to mine some crypto or your bandwidth is used for the exploiter's plans (i.e. DoS attacks, VPN their traffic for unlawful actions, ad click frauds, etc). In the worst case scenario, (1) images are stolen from the IP cameras or conversation being listen from devices with microphones. (2) it can facilitate installation of malware. Ex: DNS resolving to links that redirect to download of malware, show you specific fraudulent ads.Push you to fish sites etc (3) activity on the router and mac addresses can be used to find out how valuable the devices in your house are, your street address can be reveled and traffic patterns can tells the bad guys if you are home or not and used to plan when to come to visit for a burglary.
I leave you with some links to where to start:
- https://www.wired.com/story/white-house-warns-russian-router-hacking-muddles-message/ - https://arstechnica.com/information-technology/2018/05/hackers-infect-500000-consumer-routers-all-over-the-world-with-malware/
- https://www.ctctechnologies.com/outdated-devices-wireless-network/
- https://routersecurity.org/othersgripeonrouters.php
- https://blog.f-secure.com/the-biggest-security-issue-with-most-home-wifi-routers/
- https://www.wired.com/story/upnp-router-game-console-vulnerabilities-exploited/