We have all seen spy movies where an agent is infiltrated in an illegal organization and stays like that for years, gathering information for the police, and never gets discovered until the very end. Sounds like a movie that would be liked by many. But have you ever heard of a similar scenario but the one that involves dangerous malware?
That is definitely not a movie, but reality and the dangerous malware managed to stay hidden for six years before being discovered. This malware is most advanced which means it was developed for someone who had the money to afford it and it was among the most advanced attack platforms ever discovered. They named it Slingshot because that was the term most often used in parts of the malware that was recovered.
The reason why Slingshot was created was espionage. It would log desktop activity and all of its content, collected screenshots, keyboard and USB data and many other passwords. Slingshot was created with the ability to access the data on the infected computer, whether it was the hard drive or the internal memory.
The malware is very sneaky and dangerous, created in a technically elegant way. It combines old and new components and was created for a long-term operation, without ever being discovered. Specifics of the router technique have not been revealed yet, but they involve using a MikroTik configuration utility called Windbox. It downloads dynamic link library files from the router’s file system, transfers the malicious agent to the desired computer and then does what it was created to do.
This malware may be dangerous but its creation is unique and remarkable. If only such knowledge and talent would be used for good of mankind and not to cause damage.