According to a recent report published on Monday by Kaspersky Lab, Thousands of Asus laptops were infected with malware from the company’s own update tool.
Kaspersky Lab announced today the discovery of a wide-ranging supply-chain attack that was used to install a backdoor onto hundreds of thousands of ASUS laptops. The hackers responsible for the attack, which Kaspersky is calling Shadow Hammer, gained access to the ASUS Live Update Utility and modified it with this backdoor, which means that ASUS was unknowingly distributing the malware to its customers.
The hack Shadow Hammer went on between June and November 2018. Kaspersky Lab found that it affected more than 57,000 people using its products.
The attackers were able to infect devices without raising red flags because they used Asus’ legitimate security certificate, which was hosted on the computer manufacturer’s servers.
Even though most people infected with this malware weren’t specifically targeted, this news gives pause because that utility was still loading a backdoor onto many ASUS machines.
All told, the attack happened between July and November 2018, though Kaspersky says that its investigation is still ongoing. Full results and a technical paper about Kaspersky’s findings will be presented during SAS 2019 in April.