Newly Discovered ‘Slingshot’ Malware Remained Hidden For Years

Recently discovered malware has been found to be part of a “highly sophisticated attack platform” that is likely nation-sponsored and focused on cyber espionage. This malware, which may be able to collect many separate pieces of personal and private information, has actually been around for a while—but nobody seemed to know until now.

The discovery was made by (the now controversial) Kaspersky Lab, which broke down the Slingshot attack platform in an FAQ. According to Kaspersky, a cluster of activity from the Slingshot campaign “started in at least 2012,” so it’s been around for at least six years.

Kaspersky believes most victims of Slingshot were “initially infected through a Windows exploit or compromised Mikrotik routers.” The campaign’s malware has likely collected “screenshots, keyboard data, network data, passwords, USB connections, other desktop activity, clipboard and more,” though Kaspersky notes that really, it could steal whatever it wanted, including credit card numbers, password hashes, and social security account numbers.

Overseas Malware

At this point, most of the Slingshot victims found by Kaspersky are based in African and Middle Eastern countries. Further technical details on how Slingshot and its malware work can be found in the company’s published technical paper.

While we don’t know for sure that other countries or individuals weren’t targeted, at least for now, it doesn’t appear that American individuals were major targets for Slingshot. However, it is a frightening cautionary tale — that a large entity could create such an advanced attacking platform that it basically stays hidden for half a decade. What else is lurking out there that we don’t know about?

Of course, Kaspersky has made news of its own in recent months. White House cybersecurity coordinator Rob Joyce warned against using the company’s products due to Kaspersky’s suspected ties to Russian intelligence, and U.S. President Donald Trump later signed into law legislation that banned the use of Kaspersky products in the U.S. government.

H/T Ars Technica

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like and along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Trending News

Follow Us