Sunday 1 April 2018, Poradnik bezpieczeństwa

Malware Slingshot – has been attacking computers for over six years

Lost24

The internet security experts from Kaspersky Labs have recently found a trail of a crafty malware, which has been running loose within the network for OVER SIX YEARS!

The malware was discovered by accident. The Kaspersky Labs’ team was analyzing a piece of keylogging code and decided to scan to see if it could be found elsewhere. The malware’s signature turned up in a seemingly innocent file on another computer labelled scesrv.dll.

The malware, denoted as Slingshot, is a cunning and very dangerous software, that can collect all kinds of information from compromised computers, including screenshots, passwords, keyboard data, and other information. Slingshot tries very hard to stay under the radar using a selection of advanced techniques, including identifying the security software used (and attempting different tactics to evade detection), encrypting all strings in the malware and employing specific anti-debugging countermeasures.

As of jet, the researchers do not know precisely how Slingshot infected all of its targets, but in some cases the malicious app was planted inside MikroTik routers. The manufacturer was notified of the issue and has already resolved the vulnerability. However, Kaspersky Labs believes that other routers could still be affected.