Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of PCs
13 replies, posted
https://twitter.com/KimZetter/status/1110167942749052928
The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems. The malware searched for targeted systems through their unique MAC addresses. Once on a system, if it found one of these targeted addresses, the malware reached out to a command-and-control server the attackers operated, which then installed additional malware on those machines.
May wanna check your shit just in case.
Well, shit. My laptop's an Asus. I don't know if I ever disabled the auto-update - or if mine even uses the same update system, since it's a very old one.
None of the articles I can find seem to say how to tell if you got hit, or how to remove it if you did. Is there any way to do so? Or is there not much point, since it's such a targeted attack and unless you've got the right MAC address it does nothing?
My mobo is an Asus (and I'll probably scan once I get home, better safe than sorry) but do you think that applies? I can't recall updating it since installing it....
Kaspersky has a blog post on it.
Operation ShadowHammer | Securelist
That doesn't really offer any "how to clean it up" advice. They've got a tool for checking if your MAC address made you a specific target but nothing I can see for "so you bought a shitty Asus laptop and now you're fucked".
"let's just build and ship our own shitty update service for our software instead of using Windows Update. what could go wrong????"
Asus has their own "live updater" program that detects your board model and offers driver and software downloads/updates, sounds like that's what was compromised.
[Notebook] ASUS Live Update
hmm, I was about to buy an ASUS mobo, is there any way I can prevent this on a clean Windows install? Do I just not install the updater?
these malware names are getting increasingly uncreative
it's like they pull them out of a hat filled with xbox live gamertags from 2004
Maybe those ppl on xbox are actually hackers.
o fuc
Just don't get their bloatware. Windows automatically gets necessary drivers anyway.
I remember reading somewhere that some ASUS motherboards actually automatically install their bloatware to your windows installation.
Edit:
ASUS Z390 Motherboards Automatically Push Software into Your Win..
You can turn this setting off in UEFI iirc
Yeah, just raising awareness. Check around for this sort of shit before you make your purchase.