12.5 C
New York
Wednesday, August 12, 2020
Home News Own an Asus computer? Malware might be hiding in your system

Own an Asus computer? Malware might be hiding in your system

Mark Coppock/Digtial Trends

If you own an Asus computer, your system might have been infected by malware distributed from the tool you typically use to update BIOS and install other important security patches. That’s all according to a new report from researchers at the Russian-based cybersecurity company, Kaspersky Lab.

The initial hack was first discovered in January and, in the period of five months, could have impacted up to one million different computers. According to Kaspersky, hackers apparently leveraged a back door attack and modified the ASUS Live Update Utility so it delivered a payload with malware — making it seem as though it was coming from official sources. The backdoor was given the name “ShadowHammer” and peaked between June and November 2018. Up to 57,000 people using Kaspersky software were impacted, though it is believed that only 600 specific computers were originally intended as targets.

Hackers even went as far as to ensure that the files were signed with authentic digital certificates– and to make sure that file sizes were the same size as ones distributed by Asus. If you’re concerned that your system might be impacted, a tool is available online which can cross check your system MAC address to see if you were a specific target.

“Of course, we have notified ASUS and other companies about the attack. As of now, all Kaspersky Lab solutions detect and block the trojanized utilities, but we still suggest that you update the ASUS Live Update Utility if you use it. Our investigation is still ongoing,” explains Kaspersky Lab.

Other than Kaspersky Lab, Symantec, a cybersecurity firm based in the United States, also confirmed the discovery of the ShadowHammer malware. According to a report from Motherboard, up to 13,000 computers running Symantec software were impacted.

This type of supply-chain attack is not necessarily new. Back in 2017, the popular CCleaner system maintenance application was found to have distributed malware to millions of computers through its official channels. That was eventually patched, but not before the attacks went on for a period of 22 days. These attacks are also designed to reduce trust in legitimate sources and institutions. No word yet from Asus, which has not responded to media requests for comments on this situation.

Editors’ Recommendations

  • Here are the 5 of the best antivirus solutions for your small business
  • Windows Update not working after October 2018 patch? Here’s how to fix it
  • How to reset your router
  • How good are you at spotting phishing scams? Take this quiz to find out
  • Think iPhones can’t get viruses? Our expert explains why it could happen


Not sure what two-factor authentication is? We’re here to help

What 2FA is, why it's important, and why you should use it.You see a lot of talk on the internet

OnePlus announces Android 11 Developer Preview 3 for OnePlus 8 and 8 Pro

OxygenOS 11 brings with it an always-on display, a new visual design, and more.What you need to knowOnePlus today announced

The Last of Us HBO show will have a ‘jaw drop’ moment not in the game

Some pragmatic and jarring changes are inbound.What you need to knowThe Last of Us is being adapted into an HBO

TikTok was reportedly tracking users, despite Google’s built-in protections

The app was collecting users' MAC addresses, the report reveals.What you need to knowTikTok's reputation on privacy is about to