Live Update software of ASUS hacked for thrusting backdoor into client PCs

Researchers from Kaspersky Lab the cyber-security company state that cyber-criminals misused a globally major computer manufacturer, ASUS for planting a destructive backdoor onto its innumerable customers' PCs in 2018 following a hijack of the manufacturer's server that hosted ASUS' update tool for live software.

The Taiwan-based computer hardware manufacturer ASUS rolling billions of dollars in business while making laptops, desktop computers, smart home appliances, mobile phones and a number of other electronics, without knowing thrust the backdoor into client systems over a period of 5-months-and more in 2018 prior to being discovered.

"ShadowHammer," name given to one gigantic supply chain assault targeted a maximum of one million end-users as it leveraged the Live Update computer program of ASUS. Kaspersky uncovered that by misusing this computer program, malware was being delivered to end-users during January 2019. There were digital certificates of ASUS too which signed the malware apparently authorizing it as genuine software update which ASUS supplied, the security company stated.

The security researchers found the malicious software as designed for surgical spying because it accepted another malicious payload, which targeted some particular PCs with unique identifiers indicating the respective networks they connected to. The payload would spot over 600 PCs which were programmed for accepting it. www.marketwatch.com posted this, March 25, 2019. According to Global Research and Analysis Team director Vitaly Kamluk of Kaspersky Lab's Asia-Pacific region, the above assault is explanatory of the trustworthy modules used on the basis of known suppliers along with authentication by digital signatures is actually incapable of guaranteeing that end-users won't contract malware.

Furthermore, Kaspersky Lab found there were 57,000 instances of contaminations among people who bought its anti-virus programs. The security company computes that the malware possibly impacted over 1m PCs obtained from the PC manufacturer ranking No.5 in the world. The malware would create a 'backdoor' to provide hackers an entry into the infected systems. Nearly half of the impacted customers using Kaspersky's AV programs resided inside France, Germany and Russia. In USA, less than five percent contracted the malware. And some 13,000 of Symantec's AV clients also downloaded the rogue updates.

» SPAMfighter News - 3/28/2019