Sarah Tew/CNET
Thousands of Asus computers were infected with malware from the company's own update tool, researchers from Kaspersky Lab said Monday.
The researchers discovered the attack in January, after hackers took over the Asus Live Update Utility to quietly install malware on devices. The hack was first reported by Motherboard.
The hack, which Kaspersky Lab is calling Operation ShadowHammer, went on between June and November 2018. Kaspersky Lab found that it affected more than 57,000 people using its products.
The Russia-based cybersecurity company was only able to find those numbers for its own users, and estimates that the malware could affect more than a million Asus owners worldwide. The update tool is preinstalled on the majority of new Asus devices.
The attackers were able to infect devices without raising red flags because they used Asus' legitimate security certificate, which was hosted on the computer manufacturer's servers.
Now playing: Watch this: Biggest hacks of 2018
3:26
Asus is a Taiwan-based computer company, and one of the top consumer notebook vendors in the world, with millions of laptops worldwide. The company did not respond to a request for comment.
"The selected vendors are extremely attractive targets for APT [advanced persistent threat] groups that might want to take advantage of their vast customer base," Vitaly Kamluk, director of Kaspersky Lab's Global Research and Analysis Team, said in a statement.
Malware can arrive on your devices in a lot of ways — downloading a file from an email, opening a PDF you shouldn't have or via browser-based attacks.
The hack on Asus' automatic update tool points to another kind of concern, in which people have to be worried about patches from the source itself as hackers seek to exploit a trusted relationship. Supply chain attacks are not new: In 2017, the popular software tool CCleaner was hijacked to insRead More – Source
[contf]
[contfnew]
cnet
[contfnewc]
[contfnewc]
