The malicious supply chain campaign was dubbed Operation ShadowHammer by GReAT and, as initially reported by Kim Zetter, it supposedly led to the backdoored version of ASUS Live Update being downloaded and installed on the computers of more than 57,000 Kaspersky users.

Yesterday, Kaspersky Lab announced that its Global Research and Analysis (GReAT) team has detected a new APT campaign in January 2019, estimated to have run between June and November 2018, allegedly impacting over one million users who have downloaded the ASUS Live Update Utility on their computers.

[Figure: ShadowHammer victim distribution according to Kaspersky]

In addition, "In order to ensure the security of your information, ASUS recommends that you regularly update your passwords," while users who want to check if they have the malware-free ASUS Live Update tool can do so by following the instructions available HERE.

The company also announced that it provides "an online security diagnostic tool" available for download HERE, which will allow ASUS customers to check if their computers have been impacted by the APT campaign.

Customers who discover that their machines have been affected are advised to "Immediately run a backup of your files and restore your operating system to factory settings. This will completely remove the malware from your computer."

To be able to block further attacks targeting its servers, ASUS says that it "updated and strengthened our server-to-end-user software architecture."

Says only small number of machines infected (researchers say 500k+) also says it’s finally begun to notify customers ( told them about prob in Jan.) They don’t bother to thank Kaspersky at all in statement.
The company also said that "only the version of Live Update used for notebooks has been affected," with all other devices not being affected by the supply chain attack.

Additionally, ASUS states that its "customer service has been reaching out to affected users and providing assistance to ensure that the security risks are removed."

As detailed in the press release, the company fixed the issue in the ASUS Live Update tool's 3.6.8 release by adding a number of security check mechanisms designed to block "malicious manipulation" via updates or any other methods.

"A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group," says ASUS.

Asus confirmed today that its Live Update utility has been indeed infected with malicious code by an advanced persistent threat (APT) group as part of a supply chain attack which managed to compromise some of its servers.