b374k
v10
today : | at : | safemode : ON
> / home / facebook / twitter / exit /
name author perms com modified label

A new evil malware found in routers Asylum rwxr-xr-x 0 10:29 AM

Filename A new evil malware found in routers
Permission rw-r--r--
Author Asylum
Date and Time 10:29 AM
Label
Action
A malware, dubbed as Slingshot was discovered by the Kaspersky Lab security researchers, which hid in routers for more than six years.

The malware is too powerful and sofisticated, it attacks and infects users systems through compromising  MicroTik routers and are run in kernel mode, which give them complete control over victims’ devices.

The researchers don’t know how many devices may have been infected. The attackers installed the malicious app inside MikroTik routers that Slingshot operators got access to.

“The malware is highly advanced, solving all sorts of problems from a technical perspective and often in a very elegant way, combining older and newer components in a thoroughly thought-through, long-term operation, something to expect from a top-notch well-resourced actor,” the researchers noted in their report.

According to the researchers, they found the Slingshot operation after a suspicious keylogger program was detected, to see if that code appeared anywhere else, the reseachers created a behavioral detection signature.

With this, the experts were able to discover a suspicious file inside a system folder named scesrv.dll, and analysis of the file showed that the scesrv.dll module had malicious code embedded into it.

In further investigation it was revealed that victims had been infected through routers that had been compromised through a malicious dynamic link library.

Slingshot’s main purpose is to collect screenshots, keyboard data, network data, passwords, USB connections, other desktop activity, clipboard data and more. And by accessing kernel they can steal whatever they want, the researchers said.



via E Hacking News - Latest Hacker News and IT Security News A new evil malware found in routers http://ift.tt/2tMFQBW

0 comments:

Post a Comment

 

Jayalah Indonesiaku © 2010 Hacker News
VB (Vio b374k) Template design by p4r46hcyb3rn3t