Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers

DooKey

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
13,554
If you are one of the folks that likes to install the crap that ASUS provides with your motherboard you might just have a nasty backdoor installing malware. According to Kaspersky Labs, via Motherboard, the ASUS servers were hacked last year and the hackers used it to install malware using the software update utility. This could have resulted in as many as a million computers being infected. Consider this a PSA.

Kaspersky Lab said it uncovered the attack in January after adding a new supply-chain detection technology to its scanning tool to catch anomalous code fragments hidden in legitimate code or catch code that is hijacking normal operations on a machine. The company plans to release a full technical paper and presentation about the ASUS attack, which it has dubbed ShadowHammer, next month at its Security Analyst Summit in Singapore.
 
Sheesh.

I never ran the Asus utils, preferring to keep things minimal, but there are other utilities I do run (like Logitech's mouse software, etc.)

Having auto-updates install malware on an otherwise clean system is scary stuff.
 
I'm glad I no longer run Asus hardware. The older x99 stuff I had worked great but the newer stuff - just couldn't justify the price difference (brand markup) anymore.
 
Well damn...I just recently switched to an Asus mobo. Was feeling good about my new setup until now...
 
techdude01 said:
Well damn...I just recently switched to an Asus mobo. Was feeling good about my new setup until now...
Click to expand...
Sometimes the whole software suite seems pretty good and you have to install a program that manages those programs and then you decide to not install any of it :)

Asus has software that once you installed it it seems to live on even if you uninstalled it. I know I made the mistake as well ;)
 
techdude01 said:
Well damn...I just recently switched to an Asus mobo. Was feeling good about my new setup until now...
Click to expand...
Good hardware but their bloatware seems to be created by one of those programs where you don't have to write code, and can just drag and drop buttons onto a layout and it makes the program for you.
 
Good Lord. I can only imagine what horrors Gigabytes' software have unleashed.

Time to do a wipe...

#killitwithfire
 
Someone has to have deep pockets to keep all the hackers working and well fed
 
You must log in or register to reply here.
Back
Top