One Hacked Server Opened A Backdoor To Half A Million Asus Computers

Own an ASUS computer? Researchers with Kaspersky Lab have a few a pieces of grim alternative news to share with you. One of the servers that supplies updates for your laptop was hacked, and it could have installed risky malware in your device.

Kaspersky first observed something was amiss after updating its software program recently, including a function that detects assaults just like this one. Kaspersky software located suspicious code running within the ASUS replacement app on clients’ computers. The agency believes as many as 500,000 machines will be affected.

That code had long been omitted because it was signed through a genuine ASUS certificate. That’s enough to convince many anti-malware gears to adopt the alternative way. Motherboard reviews that even Google’s multi-engine VirusTotal scanner neglected this unique malware.

The certificates weren’t the best aspect that allowed the assault to go unnoticed. Whoever changed behind the server hack wasn’t interested in launching a huge-scale attack. According to Kaspersky, the hackers had decided on 600 unique systems. They have been diagnosed by their MAC addresses, a unique identifier connected to community adapters.

If a machine’s MAC address wasn’t in the listing, the software program sat dormant, making it more challenging to hit upon. Anti-malware software can’t continually spot formerly unknown malware if it is not doing anything.

YOU MAY ALSO LIKE

Other things that could, in most cases, enhance red flags did not straight away arouse suspicions either. One VirusTotal uploader cited grammar and spelling errors. However, those had been effortlessly dismissed. Unaffected ASUS apps contained comparable errors.

How the hackers gained access to the ASUS server remains a mystery. One possibility that Kaspersky Lab has considered is that any other hacking incident could also have been the starting point.

A similar delivery chain attack compromised replacement servers for the CCleaner app. One of the number one targets of the CCleaner assaults turned into ASUS. That may be more than a coincidence.

If you very own an ASUS computer and need to discover if the malicious replacement has compromised your device, Wired can walk you through the system. ASUS has been contacted for comment, and this post might be updated with the organization’s reaction.