ASUS pushes out urgent security update after attackers hacked its automatic Live Update tool

by Graham Cluley on March 27, 2019

Taiwan-based technology giant ASUS is advising concerned customers to run a newly-created diagnostic tool on their Windows computers after hackers pushed out malware to what some security researchers have estimated to be as many as one million PCs using ASUS’s own Live Update software tool.

As Motherboard reported earlier this week, researchers at Kaspersky discovered that malicious hackers had successfully planted malware posing as an official ASUS security update onto ASUS’s servers and signed it with two of the company’s legitimate digital certificates.

In its own confirmation of the incident, Symantec revealed that at least 13,000 computers belonging to its customers were infected with the malicious software update pushed from ASUS’s Live Update server last year.

Upon installation, the malicious update received by ASUS notebooks launched a scan to determine if it was running on one of the 600 unique devices that the hackers were targeting, all with the intention of downloading further malware.

The supply-chain attack, which has been dubbed “Operation ShadowHammer,” has raised a number of questions including:

  • How was ASUS’s infrastructure compromised?
  • How did the hackers manage to get hold of ASUS’s digital certificates in order to sign the code to make it appear as though it really were from ASUS?
  • Who was behind the attack, and why were they targeting those 600-or-so PCs?

Right now, we don’t have answers for any of those questions, though many think the attack’s sophisticated and targeted nature could mean that state-sponsored hackers, perhaps with espionage in mind, were responsible for the campaign.

There aren’t any additional details in ASUS’s press statement, a notice which mainly reviews the details of the incident:

A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/featured/asus-security-update-live-update-tool-hacked/
