The update system hijacked by hackers
It was a hacking that lasted for months.
Indeed, hackers managed to hijack the system allowing the firm Asus to carry out its software updates on its machines in several months as we have said. According to the information that did not come to us the goal was of course to install backdoors on thousands of computers of this brand. From there, by exploiting the security weakness of the ASUS Live Update utility, researchers eventually discovered that millions of computers were infected by these hackers.
This article will also interest you: How to use a Trojan horse?
ASUS Live Update is the program that to install updates. It is pre-installed on computers Asus. he is used to update components such as BIOS, applications, or drivers.
According to computer security experts at Kaspersky lab, the giant of the cybersecurity based in Moscow, had made the discovery of this cyber espionage companion whom they referred to as "operation "ShadowHammer." According to Kaspersky's experts, this operation, ShadowHammer, took place exactly between June and November 2018. It was essentially based on broadcasting a corrupted version of the ASUS Live update program Update, to users of PC Asus. He wanted to introduce backdoors which he could use later to take the control of its machines or access users' personal data.
he it should be noted, however, that this massive cyber espionage campaign is the work of a group of APT-type hackers, which is literally in the context of group genre.
It is noted that the specialized research and analysis team of the cybersecurity company Kaspersky have managed to identify more than 15 countries that have been affected by this computer espionage companion, including Germany, Russia, France, the United States and Italy. It estimates that about 57,000 of the users of the ASUS brand had indeed downloaded and installed the corrupted update. and worst of all, there were several versions of the Asus update software available. "We are not able to calculate the total number of affected users solely from our data. However, we estimate that the true scale of the problem is much greater and probably affects more than one million users worldwide," said one of the experts.
The cybersecurity company did inform Asus of the problem. It says it is working with the manufacturer to find an adequate solution to the problem. But while waiting to find a definitive situation, a program has been set up to be used offline and an online checker 'is made available to users in order to check if their computer has not been as affected by operation ShadowHammer. From the evidence that Kaspersky's experts have acknowledged, there has been a connection between this cyber espionage companion and another that happened in the northern United States in 2017 called ShadowPad.
Now access an unlimited number of passwords: