Slingshot: Avoiding Sophisticated Cyber Espionage

Researchers from Kaspersky Lab, a Moscow-based cyber security and anti-virus provider, have said in a report that they have discovered a highly sophisticated cyber-espionage campaign called Slingshot that spreads through compromised routers and has remained undetected for years.

Slingshot is as complex as Project Sauron, the malware that remained undetected for five years and is believed to have been designed by a state-sponsored group. Another piece of malware, Regin, which infected computers in several countries including India, also remained undetected for several years.

According to the researchers, there are almost 100 Slingshot victims, mainly from the Middle East and African countries. The threat is believed to have started in at least 2012 and is still active (February 2018). The report went on to say that most of the victims initially got their computers infected through compromised MikroTik routers or a Windows exploit.

The researchers said that malicious code was found in several compromised routers made by the Latvian network hardware provider, making them believe that Slingshot is able to target victims by directly infecting such routers. However, they do not know exactly how the MikroTik routers were compromised.

"The discovery of Slingshot reveals another complex ecosystem where multiple components work together in order to provide a very flexible and well-oiled cyber-espionage platform," wrote Kaspersky Lab researchers in their report.

"The malware is highly advanced, solving all sorts of problems from a technical perspective and often in a very elegant way, combining older and newer components in a thoroughly thought-through, long-term operation, something to expect from a top-notch well-resourced actor," they added.

The malware runs modules in both kernel mode and user mode, which means attackers can have complete control over a compromised device.

How to avoid falling victim to Slingshot malware
Here are measures suggested by Kaspersky Lab researchers to keep advanced persistent threats (APTs) like Slingshot at bay:

  • Upgrade your MikroTik router to the latest software version. However, the researchers said such updates close only one attack vector and do not protect against the APT itself.
  • Implement a strategic approach to deal with attacks from sophisticated malware, using security solutions like Kaspersky's.

Kaspersky's Threat Management and Defense tools can detect APTs and come with expert services. If a targeted attack is detected, cybersecurity experts will act accordingly before any harm is done.

IB Times
