Hackers hijacked ASUS Software Updates

Backdoors installed on thousands of PCs

When we talk about PCs, we all know that it's hard to have a true security. During the last few hours, Kaspersky said that hackers were able to install backdoors on tens of thousands of PCs by pushing out firmware updates through ASUS' own Live Update software.



The attack involved ASUS Live Update utility that has been downloaded between June and November of 2018. During this time, hackers exploited the software to deliver malware that could take over a victim's computer. According to Kaspersky's statistics, over 57'000 Kaspersky users have downloaded and installed the backdoored software. The real number of users affected might be way bigger and even over a million users worldwide.

Although millions of PCs may have been affected, the attack was designed to target only a certain group of users based on their network adapters. If the right MAC address was found, the malicious update would download additional malware to the victim's computer.

At the moment is still unknown who is behind the attack. According to Kaspersky Lab, some informations are linked to hacking group called Barium. Back in 2017, the same group uses a similar way to attack the software utility CCleaner. According to the first reports, most of the infected PCs reside in Russia, Germany, France, Italy, and the US.

The security firm has released a free tool which can detect if you system is clean or not.




Source: Kaspersky

News by Luca Rocchi and Marc Büchel - German Translation by Marc Büchel - Italian Translation by Francesco Daghini


Previous article - Next article
comments powered by Disqus
Hackers hijacked ASUS Software Updates - Software - News - ocaholic