It’s used to perform automatic updated on important computer software components, such as BIOS, UEFI, software drivers, and some other major applications. The ASUS Live Update is a software patching utility which comes preinstalled on most ASUS computers. How the Advanced Persistent Threat (APT) infection worked We want to make you aware of this vulnerability, and urge you to take a few basic steps to secure your system, in case you own any ASUS computers. This unusually dangerous attack has been dubbed Operation #ShadowHammer and ran from June 2018 to November 2018 undetected until now. This huge supply chain attack fooled computers into thinking they were receiving updates from ASUS, all the while installing a backdoor into those computers. This type of attack is unprecedented in its seriousness because it managed to perfectly imitate the signature of the original ASUS auto-update software, passing by undetected by conventional anti-virus solutions. Latest security updates unveiled an advanced persistent threat (APT) attack that affected over a million ASUS users worldwide. There were also several retailers and pharmaceutical companies located in Asia targeted by the ShadowHammer attack.
Among the other targets were Electronics Extreme (authors of the ‘Infestation: Survivor Stories’ zombie survival game), Innovative Extremist, another IT and game development company, and Zepetto (the South Korean authors of the ‘Point Blank’ video game). In these other attacks, similar algorithms were used and just like in the ASUS case, legitimately signed certificates were used. Update 23rd April 2019: Further research revealed that the ShadowHammer malware has targeted and successfully attacked multiple companies, not just ASUS.
0 kommentar(er)
