Spyware sneaks into 'million-plus' Asus PCs via poisoned software updates, says Kaspersky

www.theregister.co.uk | 3/25/2019 | Staff
trainman (Posted by) Level 3
Click For Photo: https://regmedia.co.uk/2015/05/26/asus_chi_t300_transformer_book_8.jpg

A million or more Asus personal computers may have downloaded spyware from the computer maker's update servers and installed it, Kaspersky Lab claims.

Someone was able to modify a copy of the Asus Live Update Utility, hosted on the Taiwanese manufacturer's backend systems, and sign it using the company's security certificate, even keeping the file length the same as the legit version, to make everything seem above board. The update utility ships with every machine, and routinely upgrades the motherboard firmware and related software with any available updates from Asus.

Asus - Servers - Updates - Utility - Version

When it checked in with Asus's servers for the latest updates, the utility would fetch and install a backdoored version of the Asus Live Update Utility, we're told. The dodgy version was offered between June and November 2018, according to Kaspersky. That infected build of the utility was designed to spy on roughly 600 machines, identified by their network MAC addresses. So, a million or more Asus-built computers may have been running a trojanized update utility, with a few hundred actively spied on.

The software nasty, discovered by Kaspersky in January this year and dubbed ShadowHammer, because they've all got to have a sexy name these days, was apparently found on 57,000 machines running the Russian security shop's antivirus tools. Extrapolating that figure, there are a million or more computers running this backdoor, it is claimed: Asus is the world's fifth largest computer manufacturer. Kaspersky claims it has found similar exploit code in the firmware of three other,...
(Excerpt) Read more at: www.theregister.co.uk
Wake Up To Breaking News!
Why do democrats never have to face the reality of what's on the ground, like 2000 years of marriage.
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!