ASUS computers hacked!!!
Hello all and welcome to Dark Street Hackers!!
Today I would like to discuss a huge hack of computers made by ASUS. Yes, you read that right!!! More than 1 million ASUS computers were compromised by hackers between June and November 2018.
Now the question is how? Let me give you the exact details.
ASUS is the fifth largest PC maker in the world, with over 6% of the market capitalization. Every ASUS computer has a pre-installed update tool that performs automatic updates and connects directly to the server. This Live Update tool contacts the ASUS update server to see whether any firmware or other software updates are available and, if so, installs them on laptops and other devices. It delivers updates such as BIOS, UEFI, software and applications. So the hackers attacked the server and installed malware on it.
So another question that may come to your mind is how they got into the server. The answer is through a SUPPLY CHAIN ATTACK. This attack was discovered in January 2019 by Kaspersky researchers, and it was active from June 2018 to November 2018.
According to Kaspersky's research, this malware infected more than 1 million users all over the world. Another question is how the malware worked in order to infect so many systems. The malware targets users based on their MAC addresses to identify specific targets.
Kaspersky researchers collected more than 600 unique MAC addresses from over 200 samples, and they believe that the attack is even more sophisticated than the CCleaner supply chain attack and that it matches the attack dubbed ShadowPad.
How did this malware stay undetected for so long?
Kaspersky said that “The reason that it stayed undetected for so long is partly due to the fact that the trojanized updaters were signed with legitimate certificates (“ASUSTeK Computer Inc.”). The malicious updaters were hosted on the official liveupdate01s.asus.com and liveupdate01.asus.com ASUS update servers.”
Russia, France, Germany, Italy, the U.S., Spain, Poland, the U.K., Canada and Japan are the countries most infected by this attack.
To let ASUS users check whether their computer has been compromised, Kaspersky created a site: https://shadowhammer.kaspersky.com/. It helps determine whether your device was targeted by the ShadowHammer cyberattack by comparing the MAC addresses of all adapters with the values hardcoded in the malware.
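The kind of comparison described above, as an added example that is not Kaspersky's tool or code from this post: it checks every adapter on a host against an indicator list regardless of how the OS formats the address. It assumes the indicator list holds MD5 digests of the six raw address bytes; the function names and all sample addresses are made up for the illustration.

```python
import hashlib
import re

_SEPARATORS = re.compile(r"[:\-.]")
_HEX12 = re.compile(r"[0-9A-Fa-f]{12}")

def mac_to_bytes(raw):
    """Parse 00:1A:2B:3C:4D:5E, 00-1a-2b-3c-4d-5e or 001a.2b3c.4d5e; None if invalid."""
    compact = _SEPARATORS.sub("", raw.strip())
    if not _HEX12.fullmatch(compact):
        return None
    return bytes.fromhex(compact)

def mac_digest(raw):
    """MD5 hex digest of the six raw address bytes (assumed indicator format)."""
    octets = mac_to_bytes(raw)
    return None if octets is None else hashlib.md5(octets).hexdigest()

def targeted_adapters(adapters, indicator_digests):
    """Return the names of adapters whose MAC digest is on the indicator list.

    adapters: mapping of adapter name -> MAC string as reported by the OS.
    Unparseable and all-zero addresses (tunnels, disabled NICs) are skipped.
    """
    wanted = {d.lower() for d in indicator_digests}
    hits = []
    for name, mac in adapters.items():
        octets = mac_to_bytes(mac)
        if octets is None or octets == bytes(6):
            continue
        if hashlib.md5(octets).hexdigest() in wanted:
            hits.append(name)
    return sorted(hits)

# Constructed sample data: these addresses and the digests derived from them are
# made up for the example and are not indicators from the real campaign.
SAMPLE_INDICATORS = [mac_digest("02:00:00:AA:BB:01").upper(),
                     mac_digest("02:00:00:AA:BB:02")]
SAMPLE_HOST = {
    "Ethernet": "02-00-00-aa-bb-01",   # same address as an indicator, other notation
    "Wi-Fi": "0200.00cc.dd03",         # valid address, not on the list
    "Tunnel": "00:00:00:00:00:00",     # placeholder address, ignored
    "Broken": "n/a",                   # unparseable, ignored
}

if __name__ == "__main__":
    print(targeted_adapters(SAMPLE_HOST, SAMPLE_INDICATORS))
```

A match only says the host's address is on the list being checked; every adapter has to be included, since a machine can be listed by its wired or its wireless address.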
So that is it. Stay tuned for more updates and news. Until then, bye.