When a system administrator logs in to configure the router, the router’s management software downloads and runs a malicious module on the administrator’s computer. The exact method for compromising the routers is not clear, but the attackers have found a way to add a malicious DLL to the device: this DLL is a downloader for other malicious files that are then stored on the router. Slingshot uses an unusual (and, as far as we know, unique) attack vector: many of the victims were attacked by means of compromised MikroTik routers. We discovered this threat – which rivals Regin and ProjectSauron in its complexity – during an incident investigation. Here is our annual round-up of major incidents and key trends from 2018 Targeted attack campaignsĪt this year’s Security Analyst Summit we reported on Slingshot – a sophisticated cyber-espionage platform that has been used to target victims in the Middle East and Africa since 2012. Increasingly, the devices targeted also include those that we don’t consider to be computers – from children’s toys to security cameras. All too often, both rely on manipulating human psychology as a way of compromising entire systems or individual computers. The result is a threat landscape that ranges from highly sophisticated targeted attacks to opportunistic cybercrime. The dependence on technology of governments, businesses and consumers provides a broad attack surface for attackers with all kinds of motives – financial theft, theft of data, disruption, damage, reputational damage or simply ‘for the lulz’. Many people routinely bank, shop and socialize online and the internet is the lifeblood of commercial organizations. The internet is now woven into the fabric of our lives.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |