Slingshot APT malware, 6 years cyber spying
Slingshot is a malware used to cyber spying, was created to attack vulnerable routers and latter jump over the computers on the network to sniffing communications.
The malware, after the router attack, replace a Windows system library called “scesrv.dll” by another malicious library with the same size. This malicious library interact with other operative system elements even the kernel.
It’s possible this attack were being since 2012 and actually in 2018 is still in progress.
The Karspersky Lab’s researchers have been responsible for the discovery of this malware.
References:
- 06/03/2018 Karspersky Lab The Slingshot APT paper
- 09/03/2018 securelist.com The Slingshot APT FAQ
- 09/03/2018 adslzone.net Slingshot: un ataque de espionaje a routers que lleva 6 años sin ser detectado
Tags: