Kaspersky describes these two elements as "masterpieces," and for good reason. For one, it's no mean feat to run hostile kernel code without crashes. Slingshot also stores its malware files in an encrypted virtual file system, encrypts every text string in its modules, calls services directly (to avoid tripping security software checks) and even shuts components down when forensic tools are active. If there's a common method of detecting malware or identifying its behavior, Slingshot likely has a defense against it. It's no wonder that the code has been active since at least 2012 -- no one knew it was there.
GoToMyPC has been targeted with "very sophisticated password attack," and is advising all users to reset their passwords. In a statement on its website, Citrix, which owns the remote control service, said users will be required to reset your GoToMyPC password before they can login again and encourages users to use two-factor authentication. "We sincerely apologize for the inconvenience and frustration this issue may be causing," Citrix said. The company didn't confirm the number of passwords it believes are stolen or what other information the hackers may have, as it's still investigating the hack. We have reached out to Citrix for more information and will keep you updated.