Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
EVGA GeForce RTX 3070 FTW3 Ultra review
Corsair 5000D PC Chassis Review
NZXT Kraken X63 RGB Review
ASUS Radeon RX 6900 XT STRIX OC LC Review
TerraMaster F5-221 NAS Review
MSI Radeon RX 6800 XT Gaming X TRIO Review
Sapphire Radeon RX 6800 NITRO+ review
Corsair HS70 Bluetooth Headset Review
MSI MEG X570 Unify review
Scythe Ninja 5 air cooler review

New Downloads
3DMark Download v2.16.7117 + Time Spy
Prime95 download version 30.4 build 6
Crystal DiskMark 8.0.1 Download
Corsair Utility Engine Download (iCUE) Download v3.37.140
ReShade download v4.9.1
GeForce 461.09 WHQL driver download
Intel HD graphics Driver Download Version: DCH 27.20.100.9126
HWiNFO Download v6.41–4345 Beta
MSI Afterburner 4.6.3 Beta 4 Download
BaseMark GPU Benchmark v1.2.3 download


New Forum Topics
Creative Labs releases special edition Sound Blaster Z PCIe Samsung Brings the Ultimate Gaming Experience to 2021 Neo QLED and QLEDs Antec offer new mid tower "DF700 FLUX" with original airflow design EK To Offer All Black Entry All-in-One Water Cooling EK-AIO Basic Series (RGB free) Kingston To Release HyperX Pulsefire Haste - Honeycomb shell lightweight gaming mouse CD Projekt apologizes for the release of Cyberpunk 2077 and shows 2021 roadmap TerraMaster Releases F5-422 NAS with 10GbE Steam Best Selling Games for Week 3 2021 Games with the Unity engine stutter Intel to Discontinue Optane Products for the Consumer Market




Guru3D.com » News » Hackers Hijacked ASUS Software Updates and Installed Backdoors on Many PC's and Laptops

Hackers Hijacked ASUS Software Updates and Installed Backdoors on Many PC's and Laptops

by Hilbert Hagedoorn on: 03/25/2019 04:42 PM | source: motherboard.vice.com | 26 comment(s)
Hackers Hijacked ASUS Software Updates and Installed Backdoors on Many PC's and Laptops

Asus Live Update software installed on laptops and PCs from the Taiwanese manufacturer contained a backdoor between June and November 2018. Malicious folks this way could install malware on specific systems. The malware was targeted at specific mac addresses though?

Kaspersky discovered the presence of the backdoor in January and informed Asus at the end of that month. According to security researchers, the update software was infected with a backdoor in the timeframe of June up-to November 2018. Kaspersky has named this attack 'ShadowHammer' and has put a tool online for users to check whether their Asus laptop contains the backdoor.

They also created a page on which users can verify if their mac address is included on the list of targets. ASUS is believed to have pushed this malware to hundreds of thousands of customers through its trusted automatic software update tool after attackers compromised the company's server and used it to push the malware to machines. From the report posted at motherboard.vice.com: 

Researchers at cybersecurity firm Kaspersky Lab say that ASUS, one of the world's largest computer makers, was used to unwittingly to install a malicious backdoor on thousands of its customers' computers last year after attackers compromised a server for the company's live software update tool. The malicious file was signed with legitimate ASUS digital certificates to make it appear to be an authentic software update from the company, Kaspersky Lab says. ASUS, a multi-billion dollar computer hardware company based in Taiwan that manufactures desktop computers, laptops, mobile phones, smart home systems, and other electronics, was pushing the backdoor to customers for at least five months last year before it was discovered, according to new research from the Moscow-based security firm.

The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems. The malware searched for targeted systems through their unique MAC addresses. Once on a system, if it found one of these targeted addresses, the malware reached out to a command-and-control server the attackers operated, which then installed additional malware on those machines. Kaspersky Lab said it uncovered the attack in January after adding a new supply-chain detection technology to its scanning tool to catch anomalous code fragments hidden in legitimate code or catch code that is hijacking normal operations on a machine. The company plans to release a full technical paper and presentation about the ASUS attack, which it has dubbed ShadowHammer, next month at its Security Analyst Summit in Singapore.







« Download: GeForce 419.67 WHQL · Hackers Hijacked ASUS Software Updates and Installed Backdoors on Many PC's and Laptops · Grab for free: The Elder Scrolls III: Morrowind »

6 pages 1 2 3 4 5 6


GREGIX
Senior Member



Posts: 660
Joined: 2004-09-20

#5653965 Posted on: 03/25/2019 04:32 PM
Nice....never trusted their software anyway, always something was wrong with installer on my z97

fantaskarsef
Senior Member



Posts: 12048
Joined: 2014-07-21

#5653970 Posted on: 03/25/2019 04:45 PM
Never use such a software by principle myself, but I'm fairly sure there's a lot of people doing it. Also, from the linked article:

“They were not trying to target as many users as possible,” said Kamluk. “They wanted to get into very specific targets and they already knew in advance their network card MAC address, which is quite interesting.”


BlackZero
Senior Member



Posts: 8879
Joined: 2007-06-17

#5653975 Posted on: 03/25/2019 04:53 PM
Espionage, I hear. :eek::p :D

fantaskarsef
Senior Member



Posts: 12048
Joined: 2014-07-21

#5653977 Posted on: 03/25/2019 04:56 PM
Espionage, I hear. :eek: :p :D


In the article, at one point they hint at the hackers behind this might be connected to Stuxnet etc., so they're not after stealing credit cards ;) :D

schmidtbag
Senior Member



Posts: 5578
Joined: 2012-11-10

#5653978 Posted on: 03/25/2019 04:56 PM
Stuff like this is why I always prefer to do a complete fresh OS install whenever I get a new PC. Pre-built PCs come with so much useless, bloated, and insecure crap that nobody asked for.

6 pages 1 2 3 4 5 6


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2021