Security experts at Kaspersky have exposed a security flaw affecting the online automatic update service of ASUS, the world's fifth largest computer company.
The flaw is estimated to have affected more than one million computers worldwide and took more than five months to be exposed.
The malware installed via the online automatic update service was designed to create a backdoor for intruders on the affected machines.
Operation ShadowHammer: a newly discovered supply chain attack that leveraged #ASUS Live Software Update. https://t.co/tnZ8V0RPLU
Just another #MondayMorning in the world of #cybersecurity… pic.twitter.com/llnQQu9WUe
— Kaspersky Lab (@kaspersky) March 25, 2019
Kaspersky was able to determine that the malware was programmed for surgical espionage and that it was designed to accept a second malware payload on specific computers.
Unfortunately, because the server that delivered the second malware payload is no longer active, the researchers are unable to determine exactly what the second payload may have been.
Kaspersky did note that the incident was consistent with a 2017 incident that Microsoft blamed on a Chinese state-backed group the company calls BARIUM.