Hackers Attack Asus Computers | ShadowHammer

Hackers took over Asus updates to send malware, researchers found

However, Kaspersky is not the only security outfit to trace the malware samples back to Asus. Whoever was behind the attack used stolen digital certificates to sign tampered versions of the Live Update tool.

The Asus users can either check their MAC addresses online or run this tool to confirm if they are affected.

According to Kaspersky Labs, the attack targeted around 600 systems, with the devices' MAC addresses being hardcoded into the malware.

Moscow-based cyber security provider Kaspersky Lab said the attack took place between June and November previous year and was used to deliver a software update with a "backdoor" that would give hackers access to infected machines. Although the attack may have ensnared over a million devices, it was created to surgically target only a select number of PCs based on their network adapter's MAC addresses. Once installed, it would search for pre-determined MAC addresses, hinting toward the targeted nature of this attack, and, if found, connect to a third-party server that would install malware on these machines. Moreover, the firm has dubbed the attack as ShadowHammer. "At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future", ASUS said.

The Russia-based cybersecurity company was only able to find those numbers for its own users, and estimates that the malware could affect more than a million Asus owners worldwide. The company has also made available a security diagnostics tool that scans your system to determine if you've been backdoored [Download Link].

Читайте также: Trump wins wall battle as House fails to override veto

From the wording of Asus's statement, the PC maker seems more concerned about the tampering of downloads while they are in transit, effectively thwarting man-in-the-middle attacks.

Furthermore, according to a tweet from the reporter who broke the story yesterday, ASUS had also tried to have Kaspersky sign a non-disclosure agreement (NDA) in an attempt to keep the incident quiet.

Motherboard subsequently contacted a secondary security company, Symantec, to confirm if its customers received the malicious code. Those targets were located by their MAC address, a unique identifier for the computer's network adapter.

"While Asus may have released a fix, if you've already been compromised that might not be enough".

In both that and this case, the attackers infected a large number of devices but were apparently after very specific targets.

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2019 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Related:

Comments

Latest news

Trump Administration Now Says Entire Affordable Care Act Should Be Repealed
Millions of people benefit from the ACA's taxpayer-subsidized private insurance plans, but enrollment is declining. The change comes as newly empowered Democrats in the House have vowed to protect the ACA from Republican attacks.

May: Parliament support 'insufficient' for Brexit deal
Labour leader Jeremy Corbyn also warned the Government must "take this process seriously". He added: "The government has failed and this House must, and I believe will, succeed".

Nintendo Reportedly Planning to Launch Two Different Switch Devices
This seems like a reasonable bet, and the Switch is one cow Nintendo will be keen to squeeze the Lon Lon milk out of. Either way, if you've been considering buying a Switch , you might wanna hold off for a few months.

Ronaldo Forced Off With Injury During Portugal’s Euro 2020 Qualifier
In that game against Germany, Serbia was being outplayed throughout entire game by having only 34% ball possession and only 1 shot on goal but their defense was just impressive.

The physical Apple Card is a thing of beauty
It works globally where Apple Pay is accepted, lets users track spending in the Wallet app, and focuses on transaction privacy. All of that, of course, is stored in the Apple Wallet app, so Apple figures there's no need to have it on the card.

Patriots officially will open season on Sunday night, not Thursday
The NFL has made a decision to break away from tradition this year, with the Super Bowl champions not hosting the season opener. The Green Bay Packers and Chicago Bears will continue the oldest rivalry in the NFL by opening the league's 100th season.

Spice Girls' Mel B Reveals She Hooked Up with Geri Halliwell
She said the incident with Halliwell happened only "one time". "She had great boobs". A Spice Girls bombshell. "This isn't something she's going to forget easily".

Man caught on camera kicking elderly woman in the Bronx arrested
A 36-year-old man has been arrested on suspicion of carrying out a vicious attack on a homeless woman that was caught on video. He was arrested Saturday in Manhattan and charged with multiple counts of assault and harassment, the NYPD said in a statement.

Chelsea: Borussia Dortmund want Hudson-Odoi to be their next Sancho
He has been excellent in the Europa league; bagging four goals in eight appearances. Hopefully, there's many more to come". I've still got a little bit to go.

Death of second Parkland student being investigated, police say
A dozen studies have found that people who die by suicide were more likely to live in homes with guns, according to Harvard's T.H. The student's death occurred on Saturday evening and is under investigation, said Coral Springs Police spokesman Tyler Reik.

Australia: Cyclone Veronica lashes west coast
A unsafe storm tide was also predicted to hit the region early this morning and damaging waves are predicted to bring inundation. A yellow alert was issued for people in communities from Wallal and Pardoo to prepare to take action.

You can now bet on whether Zion Williamson posterizes Tacko Fall
UCF coach Johnny Dawkins: "We have been challenging Tacko all season long about really imposing his will on the game". If both are able to play big minutes, Duke is the double-digit favorite for that reason.

Passengers rescued from Norwegian cruise ship in storm
Passengers were suited up in orange life vests as the waves broke some of the ship's windows and cold water flowed over the floor. Helicopters have been airlifting the people one by one since Saturday night and the process could continue through Sunday.

Two US service members killed in Afghanistan
Meanwhile, Afghanistan's security forces and civilians continue to bear the brunt of deaths in the war. But he was unable to persuade the Taliban to launch talks with the Afghan government.

England coach Gareth Southgate delighted with his debutants
Hudson-Odoi was keen to join him in the Bundesliga when Bayern Munich came knocking in January and questions remain over his Chelsea future. "He's got some outstanding players just in front of him.

Other news