Researchers have discovered malware that managed to infect several routers but stayed hidden for six years. The malware, dubbed Slingshot on account of text found inside some of the recovered malware samples, is one of the most advanced attack platforms ever discovered, according to researchers at Kaspersky Labs. It is thought that the malware was developed by a well- resourced country. The malware targeted around 100 victims in the Middle East and Africa and used various and techniques to launch attacks. It attacked government organisations across several countries including Kenya, Yemen, Libya, Afghanistan, Iraq, Tanzania, Jordan, Mauritius, Somalia, the Democratic Republic of the Congo, Turkey, Sudan and the United Arab Emirates. Researchers were unable to identify how it infected systems, but somehow, hackers were able to get access to routers made by Latvian manufacturer MikroTik and infect them with the malware as a means of accessing other computers on the network.The initial loader replaces the victim's legitimate Windows library with a malicious one of exactly the same size. Not only that, it interacts with several other modules including a ring-0 loader, kernel-mode network sniffer, own base-independent packer, and virtual filesystem, among others Kaspersky Lab reported.

While for most victims the infection vector for Slingshot remains unknown, researchers were able to find several cases where the attackers got access to Mikrotik routers and placed a component downloaded by Winbox Loader, a management suite for Mikrotik routers. In turn, this infected the administrator of the router. The malware also used zero-day vulnerabilities to attack targets. Slingshot used modules called - GollumApp and Cahnadr.

The two modules are connected and able to support each other in information gathering, persistence, and data exfiltration. Researchers said that GollumApp contained nearly 1,500 user-code functions and provides most of the above described routines for persistence, file system control, and C&C communications. Canhadr, also known as NDriver, contains low-level routines for network, IO operations, etc. Its kernel-mode program is able to execute malicious code without crashing the whole file system or causing a blue screen of death. Slingshot may have concealed itself by using its own encrypted file system in an unused part of a hard drive. Kaspersky researchers said that the malware can collect screenshots, keyboard data, network data, passwords, other desktop activity, the clipboard, and a lot more. Slingshot is very complex, and the developers behind it have clearly spent a great deal of time and money on its creation Kaspersky Lab researchers said.

Boogie down productions criminal minded zip download. Criminal Minded is the debut studio album by hip hop music group Boogie Down Productions, released on March 3, 1987 by B-Boy Records.Considered a highly influential hip hop album, it is also credited with providing a prototype for the East Coast gangsta rap which emerged in the following decades. Criminal Minded Boogie Down Productions Zip.zip download at 2shared. Click on compressed file Criminal Minded Boogie Down Productions Zip.zip to start downloading. 2shared - Online file upload - unlimited free web space. File sharing network. File upload progressor. Fast download. 17426406 compressed files available. Criminal Minded is widely considered the foundation of hardcore rap, announcing its intentions with a cover photo of KRS-One and Scott La Rock (on his only album with Boogie Down Productions) posing with weapons -- an unheard-of gesture in 1987.

Its infection vector is remarkable—and, to the best of our knowledge, unique, they added. Javvad Malik, security advocate at AlienVault, told SC Media UK that the attack illustrates once again how criminals will look to compromised devices and the supply chain. “The biggest challenge with these sorts of attacks is ensuring fixes can be applied across the supply chain,” he said. “Sometimes the router hardware manufacturer doesn't write the code, so even notifying the router manufacturer won't necessarily fix the issue. In many cases though, manufacturers won't issue patches or updates to network products that are no longer shipping, making the task of securing them more difficult. “Where patches are available, users should be encouraged to install them wherever possible.

Try RouterOS now by using our online demo routers. Connect via Telnet or download our graphical application WinBox (latest version).When connecting in either way, use the address demo.mt.lv or demo2.mt.lv. Username is 'demo' and there is no password.

Additionally, enterprises should look to invest in threat detection controls that can monitor network traffic for anomalies and detect where endpoints may have been compromised.” Joseph Carson, chief security scientist at Thycotic, told SC Media UK that organisations can defend against such attacks by following some basic best practices such as keeping software updated and systems patched. “The vendor MikroTik has already patched this particular vulnerability used in Slingshot as well as other vulnerabilities so applying the latest version will eliminate such risks as well as patching all systems with known vulnerabilities,” he said. “This is most likely a nation state actor due to the specific sophistication used in the exploit and given its popular use in Eastern Europe, it was probably used to steal and gather intelligence in the region.”.

Security researchers at Kaspersky have identified a sophisticated APT hacking group that has been operating since at least 2012 without being noticed due to their complex and clever hacking techniques. The hacking group used a piece of advanced malware—dubbed Slingshot—to infect hundreds of thousands of victims in the Middle East and Africa by hacking into their routers. According to a 25-page report published [] by Kaspersky Labs, the group exploited unknown vulnerabilities in routers from a Latvian network hardware provider Mikrotik as its first-stage infection vector in order to covertly plant its spyware into victims' computers. Winbox Loader is a legitimate management tool designed by Mikrotik for Windows users to easily configure their routers that downloads some DLL files from the router and execute them on a system.