ASUS announced that it has released a fix for the Live Update utility, which was exploited by the threat actors behind Operation ShadowHammer to deliver malware to hundreds of users.
Operation ShadowHammer took place between June and November 2018, but experts from Kaspersky Lab discovered it in January 2019.
Over 1 million ASUS users may have been impacted by a supply chain attack that leveraged the ASUS Live Update utility to inject a
Discovered by Kaspersky in January 2019, Operation ShadowHammer took place between June and November 2018 and leveraged the proprietary tool that comes pre-installed on ASUS notebooks. The attack remained hidden because the actors used a stolen certificate to sign the compromised software.
Experts pointed out that Operation ShadowHammer was a targeted attack that surgically hit only 600 specific MAC addresses, but Kaspersky couldn’t determine the exact number of users who installed the tainted utility.
After Kaspersky disclosed the supply chain attack, ASUS confirmed that a backdoor was delivered through a tainted version of its utility.
Asus has provided support to the victims to help them in
“A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group,” ASUS said in an emailed statement.
ASUS fixed the Live Update utility with the release of version 3.6.8. The vendor implemented “multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means.”
It also implemented an enhanced end-to-end encryption mechanism and improved security of server-to-end-user communication.
The vendor also developed an online security diagnostic tool that allows users to check whether their computers have been impacted.
“We encourage users who are still concerned to run it as a precaution,” ASUS says.