Cultocracy note :
State sponsored hackers represent around 99% of serious breaches in computer networks and systems . In the past the ‘electronic knicker sniffers’ tended to monitor and track each other in an infantile game of cat and mouse , that is when they were not messing up home and business computers by looking through your private files , planting incriminating electronic ‘evidence’ or stealing industry secrets and blueprints .
It now looks like the ‘Cyber War’ has entered a new phase . An online article at arsTECHNICA suggests that a sophisticated malware platform named ‘Slingshot’ was found in routers manufactured by MikroTik . The malware was similar to other advanced backdoor trojans such as Stuxnet and Regin , these people just love an advanced backdoor . You can safely assume that most routers are compromised in a similar manner .
The interesting point is that the malware was found by Kaspersky Lab , a software developer based in Russia . In late 2017 the US administration banned all government agencies from using Kaspersky software .
This has got to be good news for the consumer , hopefully this marks a continuing trend whereby rival state sponsored snoopers ‘out’ each others bit of kit .
The downside of this trend is that we will soon find out that nearly every piece of computing hardware ever manufactured in the history of mankind has been infected with something or other .
Traditional hacking techniques that rely on hardware or software exploits will soon become redundant as we enter the age of the ‘Internet of Things’ .
The only thing left for them to hack now is ourselves .
They are working overtime on that one .
Potent malware that hid for six years spread through routers
Nation-sponsored Slingshot is one of the most advanced attack platforms ever
Researchers have discovered malware so stealthy it remained hidden for six years despite infecting at least 100 computers worldwide.
Slingshot—which gets its name from text found inside some of the recovered malware samples—is among the most advanced attack platforms ever discovered, which means it was likely developed on behalf of a well-resourced country, researchers with Moscow-based Kaspersky Lab reported Friday. The sophistication of the malware rivals that of Regin—the advanced backdoor that infected Belgian telecom Belgacom and other high-profile targets for years—and Project Sauron, a separate piece of malware suspected of being developed by a nation-state that also remained hidden for years.
The main purpose of the malware appears to be espionage. Kaspersky Lab’s analysis suggested Slingshot was used to log desktop activity and clipboard contents and to collect screenshots, keyboard data, network data, passwords, and USB connection data. The ability for Slingshot to access the operating system kernel means the malware had access to whatever data was stored on the hard drive or in the internal memory of an infected machine. Infected computers were located primarily in Kenya and Yemen, but also in Afghanistan, Libya, Congo, Jordan, Turkey, Iraq, Sudan, Somalia, and Tanzania. Most of the victims appeared to be targeted individuals. Some, however, were government organizations and institutions.
Read the full article here at arsTECHNICA
- Highly advanced backdoor trojan cased high-profile targets for years
- Banking malware is using techniques once reserved for state-sponsored hacking gangs
- The Slingshot APT (PDF)
Further reading :