uk666 5,298 Report post Posted March 25, 2019 Hackers Hijacked ASUS Software Updates… Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers The Taiwan-based tech giant ASUS is believed to have pushed the malware to hundreds of thousands of customers through its trusted automatic software update tool after attackers compromised the company’s server and used it to push the malware to machines. Asus’ software update system was hacked and used to distribute malware to about 1 million Windows computers, according to the cybersecurity firm Kaspersky Lab. The malware was disguised as a “critical” software update, distributed from Asus’ servers, and signed using a real Asus certificate that made it appear to be valid. Details of the hack were first revealed by Motherboard, and Kaspersky plans to release more details at an upcoming conference. It’s not clear what the hackers were after. However, the hackers did seem to target specific Asus customers: the malware included special instructions for 600 systems, to be identified by specific MAC addresses. Once one of those systems was detected, the update would then install more malicious programs to further compromise the system. Kaspersky named the attack “ShadowHammer.” This kind of targeting is often associated with espionage attacks by nation states, most notably Stuxnet, which spread widely but did little to no harm on most infected systems. It doesn’t appear that Asus has contacted customers or acted to stop the malware. Asus said it would issue an official statement on the malware tomorrow afternoon. Asus apparently denied that the malware had come from its servers after being contacted by Kaspersky, then it stopped responding, according to Motherboard. While the malware could have been distributed to 1 million computers, Kaspersky tells Motherboard that the total PCs that installed it is estimated to be in the “hundreds of thousands.” Kaspersky says 57,000 people using its security software had the malware installed, and Symantec told Motherboard that it identified 13,000 customers with the malware. Hacking a company’s update system allows malicious actors to breach computers on a wide scale. It hasn’t been done frequently, but the fact that it can be done at all is a huge risk. Work is being done to develop more secure update systems, but for now, companies largely rely on their own solutions. Update March 25th: Asus says it will issue a statement tomorrow afternoon. 1 Share this post Link to post Share on other sites
Rædwulf 1,441 Report post Posted March 26, 2019 u know they always just label 'hackers', like some elusive character sitting in a dark room, punching away at the keyboard.. u want my honest opinion.. these so called hero hunters that protect the innocent at just a yearly fee, have to perpetrate new forms of malware or modified versions of the same old ones.. these r the first people that detect it and get give the malware it's name.. i can't tell how many pieces of malware that ive seen that was exactly identical to the other, just a different picture slapped on gui.. these monsters *cough cough* i mean anti-virus companies make the sh*t, then re-release it under a different look and different way.. usually by using an innocent looking trojan to unpack itself and dial home for the rests of it's lil homies.. either piggybacking on some sort of software or brute-forcing it's way into ur system by using exploits they pre-setup with other known tech giants.. not to name name's, microsh*t, google, etc.. alright, enough of my ranting.. u all, im sure get my point.. nevertheless thank u uk666 for the well put together article.. even though it was super vague on any details of merit from either side, the AV company or asus.. Share this post Link to post Share on other sites
