Skip to main content
  1. Home
  2. Computing
  3. News

Slingshot malware that attacks routers may be state-sponsored espionage tool

By

Keeping up with security updates for our various connected devices could be a full-time job. Whether it’s our smartphones, our PCs, our home assistants, or other devices, seemingly not a day goes by that we don’t hear about one security vulnerability or another. This time around, it’s the most central device in our networks, the router, that’s under attack.

Kaspersky recently reported on a new, fairly sophisticated, attack on MikroTik routers that its researchers described during the company’s Security Analyst Summit. Dubbed Slingshot, the vulnerability is a rather tricky piece of malware that can collect all kinds of information from PCs that are attacked via a compromised router — including screenshots, passwords, keyboard data, and other information.

Recommended Videos

While Kaspersky notified MikroTik of the issue and that company has already resolved the vulnerability, Kaspersky believes that other routers could still be affected. What makes Slingshot so potentially dangerous is that it piggybacks on legitimate router downloads and file executions — in this case, DLL files — which are used to infect PCs with kernel-mode malware that runs on affected machines without causing crashes. This malware, dubbed Cahnadr, joins with another piece called GollumApp that gives attackers “complete control” over a PC.

Related

Digging into the details of the vulnerability, it’s obvious that the malware is particularly sophisticated, so much so that Kaspersky’s researchers suspect it’s the work of a group that’s highly organized, professional, and indeed likely to be state-sponsored. Given the kind of information that the malware seeks out, it’s also likely that it’s designed to perform cyber-espionage, and given that it can access the system at a very low level it’s capable of stealing any kind of information that exists on an infected PC.

There’s nothing we can do in response to attacks like Slingshot other than the single most important step: make sure that all of our devices are fully updated. Installing all OS and hardware updates is more important than ever, and that’s true not just for the most visible devices we use every day, like our smartphones and PCs, but also those hidden devices like routers that can serve as attack vectors for every other device on our networks.

Editors’ Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
We just got our first hint of the RTX 6090, but it’s not what you think
A hand grabbing MSI's RTX 4090 Suprim X.

As we're all counting down the days to a possible announcement of Nvidia's RTX 50-series, GPU brands are already looking ahead to what comes next. A new trademark filing with the Eurasian Economic Commission (EEC) reveals just how far ahead some manufacturers are thinking, because it mentions not just the Nvidia RTX 5090, but also an RTX 5090 Ti; there's even an RTX 6090 Ti. Still, it'll be a long while before we can count the RTX 60-series among the best graphics cards, so what is this all about?

The trademark registration filing, first spotted by harukaze5719 on X (formerly Twitter) and shared by VideoCardz, comes from a company called Sinotex International Industrial Ltd. This company is responsible for the GPU brand Ninja, which doesn't have much of a market presence in the U.S.

Read more
How the Blue Screen of Death became your PC’s grim reaper
The Blue Screen of Death seen on a laptop.

There's nothing more startling than your PC suddenly locking up and crashing to a Blue Screen of Death. Otherwise known as a Blue Screen, BSOD, or within the walls of Microsoft, a bug check screen, the Blue Screen of Death is as iconic as it is infamous. Blue Screen of Death is not a proper noun, but I'm going to treat it like one. It's what you were met with during crashes on Intel's 14th-gen CPUs, and it littered airport terminals during the recent CrowdStrike outage.

Everyone knows that a Blue Screen is bad news -- tack on "of Death" to that, and the point is only clearer. It's a sign that something catastrophic has happened, so much so that the operating system can't recover, and it needs to reboot your PC in order to save it. The Blue Screen of Death we know today, fit with its frowning emoticon, is a relatively new development in the history of Windows.

Read more
The performance downgrade made to the M4 Pro that no one is talking about
Someone using a MacBook Pro M4.

I've spent this whole week testing the new M4 chip, specifically the M4 Pro in both the Mac mini and 16-inch MacBook Pro. They are fantastic, impressive chips, but in my testing, I noticed something pretty surprising about the way they run that I haven't seen others talk much about. I'm talking about the pretty significant change Apple made in this generation to power modes.

First off, Apple has extended the different power modes to the "Pro" level chips for the first time, having kept it as an exclusive for Max in the past. The three power modes, found in System Settings, are the following: Low Power, Automatic, and High Power. The interesting thing, however, is that in my testing, the Low Power drops performance far more this time around.

Read more