Employees of "Kaspersky Lab" found unkillable computer virus

Date:

2018-03-13 15:00:06

Views:

622

Rating:

1Like 0Dislike

Share:

Employees of

Almost every day on the world wide web to discover some new computer viruses. And very seldom happens so that viruses cannot be destroyed. Moreover, a rare virus is able to hide the years, from anti-virus developers. But, according to a recent report of the experts of "Kaspersky Lab", they were able to detect such a virus: it is almost impossible to destroy, and "worked" it in 2012.

The Virus got the name Slingshot and used to the point of spying on users. Virus can save keystrokes, send the screenshots to intercept the traffic, passwords and all data before they are encrypted. Moreover, the work of the virus does not cause any errors in the core system. Also managed to figure out how the virus was introduced into the system: this occurred through a vulnerability routers MikroTik. Manufacturers have already released new firmware, however, in «Kaspersky Lab» admit that a virus can use other ways of introduction. By penetrating into the router, the virus replaces one of the DDL malicious by uploading it into the computer's memory at startup. Thus, the malicious DLL starts the computer and connects to a remote server to download the program Slingshot. As noted by experts, the malware consists of two parts: Cahnadr module (kernel-mode) and GollumApp module (user mode), is designed to collect information, maintain the presence on the system and data theft. According to "Kaspersky Lab"

"the Module Cahnadr, also known as NDriver, has the functions of entitled, rootkit and traffic analysis, setup, other modules and more. Written in the C programming language, Canhadr provides full access to the hard drive and RAM, despite the limitations of the security unit, and performs integrity monitoring of various system components to avoid detection by security systems".

A High level of protection of the virus from being detected also deserves special mention. For example, another one of his modules is called a Spork. It collects information about the OS and what antivirus is installed on it. Depending on this, the virus uses different methods of infection.

"for Example, the virus used encrypted virtual file system, which was created in an unused part of the hard drive. This solution is very complex, and Slingshot is almost the only virus that are equipped with such technology. Moreover, each text string in units of virus is encrypted."

Who is the author of the virus, at the moment, could not figure out, but according to Engadget, based on code analysis, we can conclude that the malware created, most likely, English-speaking programmers. It is also reported that the main victims of hackers have become a number of government organizations of Kenya, Yemen, Libya, Afghanistan, Iraq, Tanzania, Jordan, Mauritius, Somalia, the Democratic Republic of the Congo, Turkey, Sudan and the United Arab Emirates.

Recommended

The fastest supercomputer in the world broke the record of artificial intelligence

The fastest supercomputer in the world broke the record of artificial intelligence

On the West coast of America the most valuable company in the world trying to make artificial intelligence smarter. Google and Facebook brag experiments using billions of photos and thousands of high-performance processors. But at the end of last yea...

Physicists have calculated the time of the state of superposition of graphene qubits

Physicists have calculated the time of the state of superposition of graphene qubits

the Possibility of practical use of quantum computers one step closer thanks to graphene. Experts from the Massachusetts Institute of technology and their colleagues from other research institutions were able to calculate the time of superposition, w...

At MIT used a biological virus in order to speed up your computer

At MIT used a biological virus in order to speed up your computer

whenever the computer (and any other electronic device) processes the data, there is a small delay, that is to say, the transfer of information "from one equipment to another" (e.g. from the memory to physical). The more powerful the components, the ...

Comments (0)

This article has no comment, be the first!

Add comment

Related News

Why is the AI still not mastered the translation languages?

Why is the AI still not mastered the translation languages?

In the myth about the tower of Babel the people decided to build a tower city that would get to heaven. And then the Creator realized that nothing would deter people and imagines they are not worth the bother. Then God created dif...

Serious quantum computers are ready to use. What they can do?

Serious quantum computers are ready to use. What they can do?

In a small laboratory in the lush countryside about a hundred miles North of new York city from the ceiling hangs a complex tangle of tubes and electronics. Is a computer, albeit messy. And it's not a regular computer. Perhaps it ...

Windows 10 in the new mode longer to save energy

Windows 10 in the new mode longer to save energy

the more difficult task — the more it will take energy. But the modern computing device, being very powerful, also often work from the battery. And there is a need to save energy. We are talking mostly about laptops, tablets...