It is believed that Taywan based technology - giant ASUS has trusted its automated softws update tool to push the malws to hundreds of thousands of customers when attackers have affected the company's server and used it to push the software to the machines.
The investigators estimate half a million Windows machines have received the malicious backdoor via the ASUS update server, but only about 600 of these systems appear to be targeted. The malware has searched through their unique MAC addresses for targeted systems. Once on a system, the malware reached a control and control server that operated the attackers and installed additional malware on those machines, if it found one of these target addresses.
The security firm Kaspersky writes a blog post about how hackers gained access to Asus Live Update Utility – the Software Update for Asus notebooks and PCs – to install a backdoor on machines worldwide.
The investigators estimate half a million Windows machines have received the malicious backdoor via the ASUS update server, but only about 600 of these systems appear to be targeted. The malware has searched through their unique MAC addresses for targeted systems. Once on a system, the malware reached a control and control server that operated the attackers and installed additional malware on those machines, if it found one of these target addresses.
 |
| malwaretechno |
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers https://t.co/Ny6QnZe8eb via @motherboard— Raby (@raby_mr) March 25, 2019
1 comment:
ShadowHammer....Dropped Asus live update....Nic Info
Post a Comment