US Blamed for Sophisticated Router Malware

John Lister's picture

Last week security researchers said a piece of malware named "Slingshot" was so sophisticated it was backed by a government. Now it appears that government was the United States and that the revelations may have compromised an anti-terror campaign.

The original reports didn't name the country involved. That might not quell controversy, however, as the reports came from Kaspersky Labs, a security company based in Russia.

Slingshot exploited a bug in a specific brand of routers. In simple terms, it was able to take advantage of the way the router updated its operating software on an attached PC. This allowed it to track and send data from the computer such as keyboard logs.

Kaspersky speculated a government was involved based on the sophistication of the malware, specifically how it stayed undetected for up to six years. This included hiding itself in a part of the computer not usually accessed by security software scans, and even shutting itself down to avoid detection during live scans.

Africa And Middle East Targeted

Now "current and former US intelligence officials" have told CyberScoop that Slingshot was developed and used by the US military, specifically Joint Special Operations Command. The idea was to target members of terror groups such as ISIS and al-Qaeda. (Source: cyberscoop.com)

This revelation certainly fits with Kaspersky having detailed that countries in Africa and the Middle East were among the most targeted by Slingshot. CyberScoop's sources said the main aim was computers in Internet cafes known to be used by operatives hoping to avoid detection.

Operation May Have Been Blown

While the sources didn't comment on what's happened since the Kaspersky revelations, a former intelligence official said it was likely the US has had to abandon some of the surveillance. (Source: arstechnica.com)

If that's the case, Kaspersky publishing the details will likely cost it even more goodwill with the US government. Federal agencies are already blocked from using Kaspersky security products over fears this could in fact compromise security.

What's Your Opinion?

Does the revelation that the US may have been behind Slingshot change your attitude to the story? Is using malware an acceptable measure for fighting terrorism? Was Kaspersky right to reveal its findings about the malware?

Comments

Dennis Faas's picture

As the saying goes, sometimes you need to fight fire with fire - especially when dealing with terrorist organizations like ISIS. Surely this won't be the last USA-based malware exploit to make news. These types of attacks will happen again and again and most of us won't know about it for years because they are meant to be stealthy for a reason! It also goes to show that you should never, ever trust a foreign company when dealing with telecommunications (example: China's Broadcom attempted buyout of USA's Qualcomm).

Navy vet's picture

What brand?

John Lister's picture

Mikrotik.

Rusty's picture

...but were they wrong to have made public this malware discovery?