ASUS Patches Live Update Bug
ASUS Live Update software has been leveraged in a massive supply chain attack called "ShadowHammer" that has targeted up to a million users.
ASUS has rushed out a patch for a major vulnerability that’s infecting thousands of PCs. The bug has allowed an advanced persistent threat group to launch “Operation ShadowHammer,” a massive supply-chain attack.
This exploit has targeted a variety of ASUS PCs with a backdoor injection technique linked to a faulty software update system. Kaspersky security researchers first discovered that the software was used to distribute malware to users in January 2019.
Who is affected?
Users of the ASUS Live Update Utility were the main targets of the attack. ASUS Live Update is pre-installed on most ASUS computers and is used to automatically update certain components such as BIOS, UEFI, drivers and applications. According to researchers, more than a million worldwide may have been impacted.
Kaspersky Lab said that the attackers first launched the exploit via stolen digital certificates used by ASUS to sign legitimate binaries. They then altered older versions of ASUS software to inject their own malicious code.