Slingshot: Avoiding Sophisticated Cyber Espionage

Researchers from Kaspersky Lab, a Moscow-based cyber security and anti-virus provider, have said in a report that it has discovered a highly sophisticated cyber-espionage campaign called Slingshot that spreads through compromised routers and remains undetected for years.

Slingshot is as complex as Project Sauron, the malware that remained undetected for five years and believed to be designed by a state-sponsored group. Another malware, Regin, that infected computers in several countries including India remained undetected for several years.

According to the researchers, there are almost 100 Slingshot victims, mainly from the Middle East and African countries. The threat is believed to have started in at least 2012 and is still active (February 2018). It went on to say that most of the victims initially got their computers infected through compromised Mikrotik routers or windows exploit.

The researchers said that a malicious code is found in several compromised routers made by the Latvian network hardware provider, making them believe that Slingshot is able to target victims by directly infecting such routers. However, they are clueless about how exactly the Mikrotik routers are compromised.

"The discovery of Slingshot reveals another complex ecosystem where multiple components work together in order to provide a very flexible and well-oiled cyber-espionage platform," wrote Kaspersky Lab researchers in its report. 

"The malware is highly advanced, solving all sorts of problems from a technical perspective and often in a very elegant way, combining older and newer components in a thoroughly thought-through, long-term operation, something to expect from a top-notch well-resourced actor," they added.

The malware can run in both kernel mode and user mode modules, which means attackers can have complete control over a compromised device.

How to avoid falling victim to Slingshot malware
Here are measures suggested by Kaspersky Lab researchers to keep advanced persistent threats (APTs) like Slingshot at bay:

  • Upgrade your Mikrotik router to the latest software version. However, it said you can avoid only one attack vector with such updates and not from the APT itself.
  • Implement a strategic approach to deal with attacks from the sophisticated malware. Security solutions like Kaspersky. 

Kaspersky's Threat Management and Defense tools can detect APT and come with expert services. If a targeted attack is detected, cybersecurity experts will act accordingly before any harm is done.

IB Times

You Might Also Read:

Gateway For Hackers:

Russian Spies Used Kaspersky Anti-V To Hack NSA:

 

 

« Cambridge Analytica Claim To Sway Elections With Facebook Data
Crypto Mining Malware Hits Business »

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

National Agency for the Security of Information Systems (ANSSI)

National Agency for the Security of Information Systems (ANSSI)

The role of ANSSI is to foster a coordinated, ambitious, pro-active response to cybersecurity issues in France.

CyberSail

CyberSail

CyberSail.org is a new online platform built by SOFTimpact, specifically for the Maritime industry to share, discuss and combat Cyber Threats.

e-Crime Bureau

e-Crime Bureau

e-Crime Bureau is a specialized company offering cyber/computer forensics, cyber security consulting services, forensic audit and investigations services and training to clients across Africa.

Awake Security

Awake Security

Awake Security offer a security solution built on an AI platform that acts like the human brain to sense, detect, and respond to threats you may not even know exist.

Pennington Manches

Pennington Manches

Penningtons Manches LLP is a leading UK law firm providing high quality legal advice in areas including Data Protection, Cyber Security and Cyber Crime.

Wizlynx PTE LTD

Wizlynx PTE LTD

Wizlynx PTE LTD is the Singapore branch of wizlynx group located in Singapore, offering Information and Cyber Security Services throughout the entire Asia Pacific (APAC) region.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Numisec

Numisec

Numisec is an Indonesian based security services provider. We offer a comprehensive portfolio of security technologies and consulting services in finance and telecommunications.

Pivot Point Security

Pivot Point Security

Pivot Point Security is a trusted leader in information security consulting. We help clients master their information security management systems.