Latest in Gear

Image credit: Bloomberg via Getty Images

Hackers hijacked update server to install backdoors on ASUS machines

The attackers distributed the malware to more than half a million computers.
2748 Shares
Share
Tweet
Share
Save

Sponsored Links

Bloomberg via Getty Images

For nearly half a year, computer maker ASUS was unwittingly pushing malware that gave hackers backdoor access to thousands of computers, according to Kaspersky Lab. Hackers managed to compromise one of the company's servers used to provide software updates to ASUS machines. The attack, which has been given the name ShadowHammer was discovered late last year and has since been stopped. Engadget reached out to ASUS for comment and will update this story if we hear back.

With access to the update server, the attackers were able to distribute malicious files that appeared legitimate because they were given an ASUS digital certificate to make them appear to be authentic. Instead, the phony software updates gave the attackers a backdoor to access infected devices. Kaspersky estimates that about half a million Windows machines received the backdoor from ASUS' update server. However, the attackers appear to have only been targeting about 600 systems. The malware was designed to search for machines by their MAC address. It's not clear for what reason that the attackers focused on that small subset of machines.

Attacks on the supply chain, specifically update servers, are growing more common. Microsoft suffered a similar attack in 2012 when hackers distributed a spying tool called Flame via the Windows updating tool. Popular apps like CCleaner and Transmission were at one point compromised and unknowingly distributing malware to users. Perhaps most notably, the notPetya cyberattack that hit thousands of machines across Europe, Asia, Australia and the US was carried out through a malicious update to an accounting software tool.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
2748 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
FCC creates two 'innovation zones' to test next-gen wireless

FCC creates two 'innovation zones' to test next-gen wireless

View
‘Call of Duty’ comes to mobile on October 1st

‘Call of Duty’ comes to mobile on October 1st

View
AT&T reportedly considers offloading its DirecTV satellite unit

AT&T reportedly considers offloading its DirecTV satellite unit

View
T-Mobile’s Sprint merger is opposed by 18 state attorneys general

T-Mobile’s Sprint merger is opposed by 18 state attorneys general

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr