Hackers used ASUS update software to add back doors to PCs worldwide (Updated)

Updated March 26, 2022: ASUS has now released an updated version of the Live Update tool that patches the ShadowHammer vulnerability. The visitor also says it has "introduced multiple security verification mechanisms to preclude any malicious manipulation in the form of software updates or other ways." The company has also released a tool that tin diagnose whether your PC is affected.

ASUS'southward Live Update utility was compromised past hackers to install malware on PCs, according to a new report from security firm Kaspersky Labs (via Motherboard). The attack, which has been given the proper noun "ShadowHammer," created a back door in the update software, allowing hackers to install malware on machines that had downloaded the compromised utility.

According to Kaspersky Labs, the set on targeted around 600 systems, with the devices' MAC addresses being hardcoded into the malware. That said, Kaspersky has identified 57,000 of its own customers have installed the compromised ASUS Live Update utility, and the full breadth of people that take downloaded it could be upwards of 1 million, according to the house's estimates.

"The trojanized utility was signed with a legitimate document and was hosted on the official ASUS server dedicated to updates, and that allowed it to stay undetected for a long time," Kaspersky Labs said in a blog post. "The criminals even made sure the file size of the malicious utility stayed the same equally that of the original one."

If installed on one of the pesently identified 600 target machines, the back door is then used to install malware on the affected device. If a auto is non amongst the targets, it simply does null, simply the back door remains, potentially allowing attackers to compromise PCs further.

Kaspersky Labs says that it has constitute the same techniques were used "confronting software from 3 other vendors." The firm says that it has notified ASUS and the other unnamed companies almost the assail, but investigations are still ongoing.

Symantec likewise confirmed the attack to Motherboard, noting that it identified 13,000 of its own customers who had been afflicted.

ASUS Live Update is used past the company to ensure users receive BIOS and driver updates, amid other things. Though ASUS was alerted of the compromised software in January, a Kaspersky employee who met with ASUS in Feb told Motherboard that the company has been "largely unresponsive since so and has non notified ASUS customers about the event."

We may earn a commission for purchases using our links. Acquire more than.

This huge Xbox 'Quick Resume' update will give gamers more control

Xbox Insiders Update

This huge Xbox 'Quick Resume' update volition give gamers more control

Microsoft is adding a new feature to Xbox consoles, allowing you to permanently shop up to two games in a Quick Resume state at all times. The characteristic is heading out first to Xbox Insiders in the Alpha testing band before hitting the general public.