Recently discovered malware has been found to be part of a “highly sophisticated attack platform” that is likely nation-sponsored and focused on cyber espionage. This malware, which may be able to collect many separate pieces of personal and private information, has actually been around for a while—but nobody seemed to know until now.
The discovery was made by (the now controversial) Kaspersky Lab, which broke down the Slingshot attack platform in an FAQ. According to Kaspersky, a cluster of activity from the Slingshot campaign “started in at least 2012,” so it’s been around for at least six years.
Kaspersky believes most victims of Slingshot were “initially infected through a Windows exploit or compromised Mikrotik routers.” The campaign’s malware has likely collected “screenshots, keyboard data, network data, passwords, USB connections, other desktop activity, clipboard and more,” though Kaspersky notes that really, it could steal whatever it wanted, including credit card numbers, password hashes, and social security account numbers.
At this point, most of the Slingshot victims found by Kaspersky are based in African and Middle Eastern countries. Further technical details on how Slingshot and its malware work can be found in the company’s published technical paper.
While we don’t know for sure that other countries or individuals weren’t targeted, it doesn’t appear, at least for now, that American individuals were major targets for Slingshot. However, it is a frightening cautionary tale: a large entity could create an attack platform so advanced that it stayed essentially hidden for half a decade. What else is lurking out there that we don’t know about?
Of course, Kaspersky has made news of its own in recent months. White House cybersecurity coordinator Rob Joyce warned against using the company’s products due to Kaspersky’s suspected ties to Russian intelligence, and U.S. President Donald Trump later signed into law legislation that banned the use of Kaspersky products in the U.S. government.
H/T Ars Technica