{"id":252039,"date":"2018-03-12T18:30:04","date_gmt":"2018-03-12T16:30:04","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=252039"},"modified":"2018-03-12T18:32:30","modified_gmt":"2018-03-12T16:32:30","slug":"slingshot-malware-attacks-pcs-through-routers","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/252039-slingshot-malware-attacks-pcs-through-routers.html","title":{"rendered":"Slingshot malware attacks PCs through routers"},"content":{"rendered":"<p>Kaspersky Lab has discovered what is being called a new strain of\u00a0state-sponsored malware.<\/p>\n<p>Dubbed <a href=\"https:\/\/www.kaspersky.com\/blog\/web-sas-2018-apt-announcement-2\/21514\/?ref=555601-72705X1521812Xd0853fd15c4753d7560ee43b3abeba77&amp;affmt=2&amp;affmn=1\" target=\"_blank\" rel=\"noopener\"><strong>Slingshot<\/strong><\/a>, the malware invades PCs using an attack that targets\u00a0MikroTik routers.<\/p>\n<p>The report stated that the attack replaces a library file with a malicious version that downloads other malicious components.<\/p>\n<p>It then launches an attack on the target PCs.<\/p>\n<p>Kaspersky Lab said\u00a0Slingshot uses two &#8220;masterpieces&#8221; &#8211;\u00a0a kernel mode module named Cahnadr, and GollumApp, a user mode module.<\/p>\n<p>&#8220;Running in kernel mode, Cahnadr gives attackers complete control over the infected computer,&#8221; it said.<\/p>\n<p>&#8220;The second module, GollumApp, is even more sophisticated. It contains nearly 1,500 user-code functions.&#8221;<\/p>\n<p>This lets an attacker collect screenshots, keyboard data, network data, and passwords.<\/p>\n<p>&#8220;What makes Slingshot really dangerous is the numerous tricks its actors use to avoid detection. It can even shut down its components when it detects signs that might indicate forensic research,&#8221; said Kaspersky Lab.<\/p>\n<h3 class=\"my-4\">Now read:\u00a0<a href=\"https:\/\/mybroadband.co.za\/news\/security\/251141-your-smartphone-location-data-is-being-sold.html\" rel=\"bookmark\">Your smartphone location data is being sold<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky Lab has discovered a new strain of\u00a0malware.<\/p>\n","protected":false},"author":23,"featured_media":152621,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[801,49379,25479],"class_list":["post-252039","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-malware","tag-router-hack","tag-slingshot"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/252039"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=252039"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/252039\/revisions"}],"predecessor-version":[{"id":252041,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/252039\/revisions\/252041"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/152621"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=252039"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=252039"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=252039"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}