ASUS software updates were used to spread malware

Credit: Lukmanazis/Shutterstock

Credit: Lukmanazis/Shutterstock

Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS.

A group of state-sponsored hackers last year managed to hijack ASUS Live automatic software update server between June and November 2018 and pushed malicious updates to install backdoors on over one million Windows computers worldwide.

On Monday, researchers from Kaspersky Labs said the attack was first detected in January 2019. It is believed that the campaign, dubbed Operation ShadowHammer, took place between June and November 2018 and has potentially compromised countless users — despite there being only a small list of individuals the hackers wished to target.

If a victim was identified through the malware’s “surgical” filtration methods, then the trojanized software would install a backdoor and download additional payloads on to their machine. The researchers say that if you downloaded the software and backdoor but are not on the target list, the malware does nothing further.

Asus’ software update system was hacked and used to distribute malware to about 1 million Windows computers, according to the cybersecurity firm Kaspersky Lab. The malware was disguised as a “critical” software update, distributed from Asus’ servers, and signed using a real Asus certificate that made it appear to be valid.

Asus says it will issue a statement tomorrow afternoon.

Total
0
Shares
0 0 votes
Article Rating
guest
0 Comments
Inline Feedbacks
View all comments
Prev
Child Online Safety Campaign in Nigeria
Child online Safety

Child Online Safety Campaign in Nigeria

Child Online Safety Campaign in Nigeria Children are now referred to as digital

Next
Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications
Facebook

Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications

Facebook has introduced a new feature in it's platforms which has been designed

You May Also Like
0
Would love your thoughts, please comment.x
()
x