Malware in a router

A powerful malicious code has been detected that can monitor and download everything that happens on the computer, even without being installed on the target device itself. Instead, it is in the router.


This malicious code is called Slingshot, and it was recently discovered by Kaspersky Lab. The Slingshot of malware appears to be deployed primarily in targeted attacks against specific individuals. Security experts believe that the attack is “probably state-sponsored” given the highly sophisticated and organized nature of the attack. Slingshot also makes use of a virtual filesystem placed in an unused portion of the disk. In order to protect itself, it disables disk defragmentation as this operation may overwrite the hidden filesystem, the report noted. This strategy makes it more difficult for antivirus software.

Incredibly, malware is so powerful and complex that it was hiding in routers for six years before finally being noticed.

 

More.