Security researchers have discovered a new malware framework that’s used for cyberespionage and is delivered to computers through hacked MikroTik routers.
Dubbed Slingshot, the malware has a modular architecture and is on par with state-sponsored attack platforms including Project Sauron and Regin as far as sophistication goes, according to researchers from Kaspersky Lab.
Once deployed on a system, Slingshot replaces a legitimate Windows library with a malicious version while keeping the library’s original functionality and size. This allows the malicious code to be loaded with system privileges by the operating system while evading detection.
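A replacement that keeps the library's original size passes any integrity check that compares only file sizes, but not a comparison of content hashes against a known-good baseline. The sketch below is an added example, not code from the article or from Kaspersky Lab's research; the file names and contents are constructed stand-ins, not Slingshot artifacts or real Windows libraries.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(directory):
    """Map each *.dll name in directory to (size, SHA-256 hex digest)."""
    result = {}
    for path in sorted(Path(directory).glob("*.dll")):
        data = path.read_bytes()
        result[path.name] = (len(data), hashlib.sha256(data).hexdigest())
    return result

def size_only_findings(baseline, current):
    """Weak check: report files whose size differs from the baseline."""
    return sorted(n for n, (size, _) in baseline.items()
                  if n in current and current[n][0] != size)

def hash_findings(baseline, current):
    """Report files whose content hash differs, noting unchanged sizes."""
    findings = {}
    for name, (size, digest) in baseline.items():
        if name not in current:
            findings[name] = "missing"
        elif current[name][1] != digest:
            same = current[name][0] == size
            findings[name] = ("content changed, size unchanged" if same
                              else "content and size changed")
    return findings

def demo():
    """Build a constructed directory, alter one file in place, run both checks."""
    with tempfile.TemporaryDirectory() as tmp:
        lib_a = Path(tmp, "example_a.dll")   # constructed stand-in files,
        lib_b = Path(tmp, "example_b.dll")   # not real Windows libraries
        lib_a.write_bytes(b"MZ" + b"\x00" * 62 + b"original code A")
        lib_b.write_bytes(b"MZ" + b"\x00" * 62 + b"original code B")
        baseline = snapshot(tmp)             # taken while known-good
        # Same-length, different content models the size-preserving swap.
        lib_a.write_bytes(b"MZ" + b"\x00" * 62 + b"modified code A")
        current = snapshot(tmp)
        return size_only_findings(baseline, current), hash_findings(baseline, current)

if __name__ == "__main__":
    by_size, by_hash = demo()
    print("size-only check:", by_size)
    print("hash check:", by_hash)
```

The baseline only has value if it is captured from a trusted state and stored where a process running with system privileges on the monitored host cannot rewrite it.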