Specialists at the multinational cybersecurity company Kaspersky Lab have managed to track the brand-new Slingshot malware, which they said contains "two masterpieces", including the kernel mode module Cahnadr and the user mode module GollumApp, according to the company's blog.
The Canhadr virus affects the kernel code, which allows attackers to gain expanded access to computer memory at all levels, while GollumApp damages the user level, taking control of the files and constantly monitoring the persistence of malware in the operating system.
"Thanks to those modules, Slingshot can collect screenshots, keyboard data, network data, passwords, other desktop activity, the clipboard, and a lot more. And all without exploiting any zero-day vulnerabilities," the Kaspersky Lab blog said.
Specialists warned that the new virus is especially dangerous due to its "numerous tricks to avoid detection." For example, to distract any suspicion from itself, the Slingshot virus quickly initiates computer security checks on its own.