Slingshot malware uses cunning plan to find a route to sysadmins

Kaspersky Lab details sophisticated Slingshot malware likely used for spying on targeted individuals and organizations, which remained hidden for six years 

The first part to understand is the means of infection. What makes this initial attack vector unique is that, according to our research, many victims were attacked through compromised routers made by MikroTik. Routers download and run various DLL files in the normal course of business. Attackers found a way to compromise the devices by adding a malicious DLL to an otherwise legitimate package of other DLLs. The bad DLL was a downloader for various malicious files, which were also stored in the router.

Read more

Powered by Blogger.