Slingshot APT malware, 6 years cyber spying

Slingshot is a malware used to cyber spying, was created to attack vulnerable routers and latter jump over the computers on the network to sniffing communications.

The malware, after the router attack, replace a Windows system library called “scesrv.dll” by another malicious library with the same size. This malicious library interact with other operative system elements even the kernel.

It’s possible this attack were being since 2012 and actually in 2018 is still in progress.

The Karspersky Lab’s researchers have been responsible for the discovery of this malware.