Latest in Gear

Image credit: Bloomberg via Getty Images

Hackers hijacked update server to install backdoors on ASUS machines

The attackers distributed the malware to more than half a million computers.
2747 Shares
Share
Tweet
Share

Sponsored Links

Bloomberg via Getty Images

For nearly half a year, computer maker ASUS was unwittingly pushing malware that gave hackers backdoor access to thousands of computers, according to Kaspersky Lab. Hackers managed to compromise one of the company's servers used to provide software updates to ASUS machines. The attack, which has been given the name ShadowHammer was discovered late last year and has since been stopped. Engadget reached out to ASUS for comment and will update this story if we hear back.

With access to the update server, the attackers were able to distribute malicious files that appeared legitimate because they were given an ASUS digital certificate to make them appear to be authentic. Instead, the phony software updates gave the attackers a backdoor to access infected devices. Kaspersky estimates that about half a million Windows machines received the backdoor from ASUS' update server. However, the attackers appear to have only been targeting about 600 systems. The malware was designed to search for machines by their MAC address. It's not clear for what reason that the attackers focused on that small subset of machines.

Attacks on the supply chain, specifically update servers, are growing more common. Microsoft suffered a similar attack in 2012 when hackers distributed a spying tool called Flame via the Windows updating tool. Popular apps like CCleaner and Transmission were at one point compromised and unknowingly distributing malware to users. Perhaps most notably, the notPetya cyberattack that hit thousands of machines across Europe, Asia, Australia and the US was carried out through a malicious update to an accounting software tool.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
2747 Shares
Share
Tweet
Share

Popular on Engadget

Your Google Fit stats are now just a swipe away

Your Google Fit stats are now just a swipe away

View
Alphabet quits work on its energy-generating kites

Alphabet quits work on its energy-generating kites

View
Blue Apron considers selling itself as it bleeds customers

Blue Apron considers selling itself as it bleeds customers

View
The Galaxy Z Flip's hinge fibers aren't enough to keep dust out

The Galaxy Z Flip's hinge fibers aren't enough to keep dust out

View
Facebook's gigabit wireless rolls out in Puerto Rico

Facebook's gigabit wireless rolls out in Puerto Rico

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr