Recently, Kaspersky Lab uncovered an unusual cyberattack that could have killed about a million users of ASUS laptops and desktops. The investigation showed that cybercriminals added a backdoor to the ASUS Live Update utility, which is used to update the BIOS, UEFI and software of motherboards and laptops of the Taiwanese company. Following this, the attackers organized the distribution of the modified utility through official channels.
ASUS confirmed this fact by issuing a special press release regarding the attack. According to an official statement from the manufacturer, Live Update, a software update tool for the company's devices, has been subjected to APT (Advanced Persistent Threat) attacks. The term APT is used in the industry to characterize government hackers or, more rarely, highly organized criminal groups.
"A small number of devices were injected with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific group of users," ASUS said in a press release. "ASUS Support works with affected users and provides assistance to resolve security risks."
The "small amount" somewhat contradicts Kaspersky Lab's claim that it found malware (named ShadowHammer) on 57 computers. At the same time, according to security experts, many other devices could also be hacked.
The ASUS press release states that the backdoor has been removed from the latest version of the Live Update utility. ASUS also said it provided end-to-end encryption and additional security checks to protect customers. In addition, ASUS has created a tool that it claims will determine if a particular system has been attacked, and also invited concerned users to contact its support team.
The attack reportedly took place in 2018 for at least five months, and Kaspersky Lab discovered the backdoor in January 2019.
Source: 3dnews.ru