Hackers attacked one million-plus Asus users through malicious update

Hijacked ASUS software updates installed backdoor on at least 0.5 million PCs

EnlargeGetty Images

As the site noted, ASUS has previously settled charges brought by the Federal Trade Commission (FTC) over vulnerabilities in its routers-flaws that it was accused of concealing from consumers for a year or more - by promising to "establish and maintain a comprehensive security program subject to independent audits for the next 20 years".

The update was not detected as suspicious files by Windows because it was given an Asus digital certificate to make it look authentic.

The company also announced that it provides "an online security diagnostic tool" available for download HERE, which will allow ASUS customers to check if their computers have been impacted by the APT campaign. Nicknamed as ShadowHammer, Kaspersky stated that the hacker somehow has a specific list of targets involving 600 systems in which the malware can identify using their MAC addresses.

Kaspersky Lab researchers say that the attack unfolded between June and November 2018 and involved the ASUS Live Update Utility, which comes pre-installed on most ASUS computers and is used to automatically update certain components such as BIOS, UEFI, drivers and applications.

Xiaomi reveals 100-watt charging and it destroys the next best solution
In a Weibo post , President and co-founder of Xiaomi stated that the technology can charge a smartphone from 0-100% in just 17 minutes.

The researchers discovered the attack in January, after hackers took over the Asus Live Update Utility to quietly install malware on devices.

In a statement to CRN, cybersecurity firm Symantec said it "can confirm the ASUS software supply chain attack".

Aside from patching the software, ASUS has also "implemented an enhanced end-to-end encryption mechanism" and "strengthened server-to-end user software architecture" to prevent similar attacks like this in the future. Kaspersky Labs said Monday, March 25, that the exploit likely affected more than 1 million computers from the world's No. 5 computer company, though it was created to surgically install a backdoor in a much smaller number of PCs.

If you suspect that you've been infected with ShadowHammer, Kaspersky has released a tool that can help you check. The update tool is preinstalled on the majority of new Asus devices.

New Zealand Prime Minister Announces Formal Probe Into Christchurch Attack
Her cabinet had previously agreed on holding an inquiry, but had not decided what kind of investigation would be held. She said the exact terms of the inquiry, including its duration, would be finalized over the next two weeks.

The Stuxnet malware that sabotaged Iran's uranium enrichment plant was likewise distributed through official update channels. Motherboard, which broke the news, said it first reached out to ASUS on Thursday but had yet to get a response.

Symantec also confirmed the attack to Motherboard, noting that it identified 13,000 of its own customers who had been affected.

If you're an ASUS user and you have any further questions or concerns, ASUS say to please contact their customer service team. Someone had very specific ideas who they wanted to hit and they knew the MAC addresses to target.

That being said, out of the thousands of infected machines, only a small subset appeared to be targeted by the hackers.

McConnell blocks Schumer's first effort to get full Mueller report
Named to the blacklist were House Intel Chairman Adam Schiff , Congressman Eric Swalwell , former CIA Director John Brennan , Sen.

"They were not trying to target as many users as possible", Kamluk continues.

Latest News