Killerelite06 Posted March 14, 2018 Share Posted March 14, 2018 Hi I found the following report on one of our local news sites and it got me a bit worried. Can it affect R1 users ? Kaspersky Lab has discovered what is being called a new strain of state-sponsored malware. Dubbed Slingshot, the malware invades PCs using an attack that targets MikroTik routers. The report stated that the attack replaces a library file with a malicious version that downloads other malicious components. It then launches an attack on the target PCs. Kaspersky Lab said Slingshot uses two “masterpieces” – a kernel mode module named Cahnadr, and GollumApp, a user mode module. “Running in kernel mode, Cahnadr gives attackers complete control over the infected computer,” it said. “The second module, GollumApp, is even more sophisticated. It contains nearly 1,500 user-code functions.” This lets an attacker collect screenshots, keyboard data, network data, and passwords. “What makes Slingshot really dangerous is the numerous tricks its actors use to avoid detection. It can even shut down its components when it detects signs that might indicate forensic research,” said Kaspersky Lab. Source article : https://mybroadband.co.za/news/security/252039-slingshot-malware-attacks-pcs-through-routers.html Link to comment Share on other sites More sharing options...
BIG__DOG Posted March 14, 2018 Share Posted March 14, 2018 LOL........Nowhere in that article does it mention Microtik routers. Anything that is connected to the world wide web is suspible to attack from individuals with no moral compass. I won't be paying any attention to it as I watch what I visit, I do not click links I am not sure of or photos from people i do not know! Vigilance is the word of the day! Link to comment Share on other sites More sharing options...
Netduma Staff Netduma Jack Posted March 14, 2018 Netduma Staff Share Posted March 14, 2018 We don't use the Mikrotik software on the R1 so even if this was affecting Mikrotik routers, it's highly unlikely that there would be any risk. I hope this puts your mind at ease Link to comment Share on other sites More sharing options...
skschatzman Posted March 14, 2018 Share Posted March 14, 2018 LOL........Nowhere in that article does it mention Microtik routers.LOL........Read the second sentence of the article. It's very easy to see. Link to comment Share on other sites More sharing options...
skschatzman Posted March 14, 2018 Share Posted March 14, 2018 We don't use the Mikrotik software on the R1 so even if this was affecting Mikrotik routers, it's highly unlikely that there would be any risk. I hope this puts your mind at ease The article says it targets the router file system, it doesn't say anything about targeting MikroTik software. I won't be satisfied until we get a statement from the developers. Link to comment Share on other sites More sharing options...
Netduma Staff Netduma Jack Posted March 15, 2018 Netduma Staff Share Posted March 15, 2018 The Netduma R1 has no management system so this malware cannot affect it. It is not using Mikrotik firmware, so by all standards will never be affected by this. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.