Has not passed and
Plead's activity in the ASUS WebStorage program was discovered at the end of April by ESET specialists. Previously, the BlackTech group distributed Plead through phishing emails and through routers with open vulnerabilities. The latest attack was unusual: the hackers injected Plead into ASUS Webstorage Upate.exe, the company's proprietary tool for software updates. The backdoor was then also activated by the proprietary and trusted ASUS WebStorage program.
According to experts, the hackers were able to introduce the backdoor into the ASUS utilities through a so-called “man-in-the-middle” attack, made possible by the lack of protection in the HTTP protocol. An update request and the file transfer from ASUS services over HTTP can be intercepted, and infected files are delivered to the victim instead of the trusted software. At the same time, the ASUS software has no mechanism to verify the authenticity of downloaded programs before they are executed on the victim's computer. Updates can be intercepted on compromised routers, and administrators' negligence toward default settings is enough for that. Most of the routers in the attacked network are from the same manufacturer and have factory-set logins and passwords, which are no closely guarded secret.
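The missing control described above, verifying a downloaded update before it is executed, is sketched below as an added example; it is not ASUS code and not from the original article. It assumes the vendor signs each payload and the client ships with the public key; the key is a constructed toy RSA key, and the URL and function names are hypothetical.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed demo key built from two Mersenne primes so the example needs
# no key files. It is NOT secure; a real updater would rely on a vetted
# crypto library or the platform's code-signing verification.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
K = (N.bit_length() + 7) // 8  # modulus length in bytes
# ASN.1 DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _encode(message: bytes) -> int:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(message), as an integer."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign(message: bytes) -> int:
    """Vendor side (build server): sign with the private exponent."""
    d = pow(E, -1, (P - 1) * (Q - 1))
    return pow(_encode(message), d, N)

def verify(message: bytes, signature: int) -> bool:
    """Client side: needs only the public key (N, E).
    Re-encodes and compares instead of parsing the decrypted block."""
    return 0 <= signature < N and pow(signature, E, N) == _encode(message)

def accept_update(url: str, payload: bytes, signature: int) -> bool:
    """Gate to call before executing a downloaded update."""
    if urlsplit(url).scheme != "https":
        return False  # plain HTTP can be rewritten on a compromised router
    return verify(payload, signature)  # a swapped payload fails here

if __name__ == "__main__":
    url = "https://updates.example.invalid/update.exe"  # hypothetical URL
    genuine = b"constructed update payload"
    sig = sign(genuine)
    print(accept_update(url, genuine, sig))              # genuine file
    print(accept_update(url, b"replaced in transit", sig))  # tampered file
```

With a check of this kind in place, a file substituted on the path between the update server and the client is rejected because it does not match the vendor's signature.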
The ASUS Cloud service promptly responded to the vulnerability and updated the mechanisms on the update server. However, the company encourages users to scan their own computers for viruses.
Source: 3dnews.ru