Skip to main content
  1. Home
  2. Computing
  3. News

Slingshot malware that attacks routers may be state-sponsored espionage tool

Mark Coppock
By

Keeping up with security updates for our various connected devices could be a full-time job. Whether it’s our smartphones, our PCs, our home assistants, or other devices, seemingly not a day goes by that we don’t hear about one security vulnerability or another. This time around, it’s the most central device in our networks, the router, that’s under attack.

Kaspersky recently reported on a new, fairly sophisticated, attack on MikroTik routers that its researchers described during the company’s Security Analyst Summit. Dubbed Slingshot, the vulnerability is a rather tricky piece of malware that can collect all kinds of information from PCs that are attacked via a compromised router — including screenshots, passwords, keyboard data, and other information.

Recommended Videos

While Kaspersky notified MikroTik of the issue and that company has already resolved the vulnerability, Kaspersky believes that other routers could still be affected. What makes Slingshot so potentially dangerous is that it piggybacks on legitimate router downloads and file executions — in this case, DLL files — which are used to infect PCs with kernel-mode malware that runs on affected machines without causing crashes. This malware, dubbed Cahnadr, joins with another piece called GollumApp that gives attackers “complete control” over a PC.

Related

Digging into the details of the vulnerability, it’s obvious that the malware is particularly sophisticated, so much so that Kaspersky’s researchers suspect it’s the work of a group that’s highly organized, professional, and indeed likely to be state-sponsored. Given the kind of information that the malware seeks out, it’s also likely that it’s designed to perform cyber-espionage, and given that it can access the system at a very low level it’s capable of stealing any kind of information that exists on an infected PC.

There’s nothing we can do in response to attacks like Slingshot other than the single most important step: make sure that all of our devices are fully updated. Installing all OS and hardware updates is more important than ever, and that’s true not just for the most visible devices we use every day, like our smartphones and PCs, but also those hidden devices like routers that can serve as attack vectors for every other device on our networks.

Editors' Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Get this Asus laptop with a year of Microsoft Office for $199
asus vivobook go laptop deal amazon march 2024 lifestyle

You don't need to spend several hundreds of dollars on a new laptop that you'll use as a productivity tool because there are budget-friendly options like the Asus Vivobook Go L510MA. It's actually currently even cheaper from Walmart after an $80 discount, which brings its price down to just $199 from $279 originally. There's no telling how much time is remaining before the offer expires though, so if you want to take advantage of it, you're going to have to proceed with the purchase as soon as possible.

Why you should buy the Asus Vivobook Go L510MA
For a laptop that will be able to handle basic activities like doing online research, building reports, and browsing social media, you can't go wrong with the Asus Vivobook Go L510MA. It's equipped with the Intel Pentium Silver N5030 processor and 4GB of RAM, which are a far cry from the specifications of the best laptops, but it will be enough for simple tasks. The device also comes with a 15.6-inch screen with Full HD resolution, which is pretty large and sharp for its price, but it's still portable as it only weights about 3.5 pounds with a thickness of just 0.72 of an inch.

Read more
These are the 10 best gaming PCs I’d recommend to anyone
Graphics card in the CLX Hathor PC.

We review dozens of gaming PCs each year. In 2024, there are a ton of great options, but we've narrowed them down to a list of the 10 best gaming desktops that deserve your hard-earned money.

In 2024, we still recommend the Alienware Aurora R16 because of its fantastic design, solid performance, and decent value. However, there are several other options depending on your needs and budget. If you want a deeper look into how we evaluate gaming PCs, make sure to read about how we review desktops.

Read more
Samsung’s crazy 57-inch curved 4K monitor is $700 off today
The Samsung Odyssey Neo G9 57-inch mini-LED gaming monitor placed on a desk.

Your investment in gaming PC deals will  go to waste if you don't upgrade your screen, and if you're willing to splurge for the best possible gaming experience, you'll want to go for the 57-inch Samsung Odyssey Neo G9 curved gaming monitor. It's pretty expensive at its original price of $2,500, so you're going to want to take advantage of any discounts that are available. Fortunately, Samsung has slashed its price by $700 so it's down to $1,800 -- it's still not cheap, but once you're playing your favorite games on this monitor, you'll quickly understand why it's worth every single penny.

Why you should buy the 57-inch Samsung Odyssey Neo G9 curved gaming monitor
The Samsung Odyssey Neo G9 curved gaming monitor features a 57-inch screen with dual 4K Ultra HD resolution and a 1000R curvature, so it will fully immerse you in the worlds of the video games that you play with its lifelike details and vivid colors. It also supports HDR 1000 for better visual accuracy, and it uses Quantum Matrix technology for controlled brightness and improved contrast.

Read more