Hackers dropped a secret backdoor in Asus' update software

About 1 million Asus computers were infected with malware from the company's own update tool, researchers from Kaspersky Lab said Monday. A state-sponsored Chinese hacking group was using the Asus Live Update Utility, which is used to download and install software updates for Asus devices, and now Asus has confirmed that.

The hack, which Kaspersky Lab is calling Operation ShadowHammer, went on between June and November 2018. It affected users who had enabled the ASUS Live Update utility on their systems. The update software is installed on Asus computers as standard but is not always turned on.

The hackers took a real Asus update from 2015 and subtly modified it before pushing it out to Asus customers. Kaspersky discovered the attack on Asus in January and disclosed it to the company on January 31. Kaspersky says its researchers met with Asus a few times and the company seems to be in the process of investigating the incident, cleaning up its systems, and establishing new defenses.

Asus released today a new version of the Live Update tool that contains fixes for vulnerabilities that were exploited. The company said Asus Live Update v3.6.8 "introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism."

Read more -here-

• Dropbox breach exposes customer credentials, authentication data
• Google: Passkey authentications top 1 billion across 400 million accounts
• FTC fines Razer for misrepresenting COVID masks as N95s
• FCC fines Verizon, AT&T other major carriers nearly $200 million for sharing customer data
• Federal regulators accuse Amazon executives of deleting messages
• FCC restores net neutrality rules