advertisement
Facebook Instagram Linkedin Youtube Spotify
Search
Close this search box.
Facebook
X
LinkedIn
WhatsApp
Reddit

Asus says it has deployed a patch for Operation ShadowHammer attack

This week Kaspersky Lab alerted us to the fact that it had discovered an alarming back door that was hiding in Asus software.

The security firm went on to say that Asus had fallen victim to a supply chain attack in which miscreants had used its digital certificates to distribute compromised Asus software. The software which was reportedly compromised was the Asus Live Update Utility which many notebooks and PCs running Asus hardware use.

What made the news particularly concerning was that 600 MAC addresses were targeted. If the malicious code encountered a matching MAC address the second stage of the attack would take place.

Now, Asus has responded to the news.

“Advanced Persistent Threat (APT) attacks are national-level attacks usually initiated by a couple of specific countries, targeting certain international organizations or entities instead of consumers,” writes Asus.

The mention of “national level attacks” and “specific countries” is odd given that any cybercriminal could have orchestrated a supply chain attack. Beyond that, Kaspersky Lab points to a cybercrime operation known as Barium as the responsible party but augments this by saying that it’s unclear who exactly is behind this attack.

“ASUS Live Update is a proprietary tool supplied with ASUS notebook computers to ensure that the system always benefits from the latest drivers and firmware from ASUS. A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group. ASUS customer service has been reaching out to affected users and providing assistance to ensure that the security risks are removed,” Asus continues.

The firm goes on to say that it has implemented a fix in version 3.6.8 of the Live Update Utility and users should update to this latest version as soon as possible.

Asus adds that its server-to-end-user software has also been updated and strengthened to prevent attacks such as this in the future.

For those using Asus hardware you can use Kaspersky Lab’s free online tool to help you find out if your PC was one of the targeted machines in Operation ShadowHammer.

advertisement

About Author

More
Brendyn Lotz

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.
advertisement

Related News

SingularityU South Africa 2024 set for October this year

Dove says it won’t use AI to represent women in advertising

Meta’s Oversight Board looking at AI-generated explicit images

WC says summer tourism supported over 9000 jobs

Disney+ could add dedicated streaming channels to its platform

Alfa Romeo forced to change name of Milano SUV

advertisement
Facebook Instagram Linkedin Youtube Spotify
Hypertext is one of South Africa’s leading technology news and reviews sites. We publish original content daily for consumers and businesses.
All original words & media by Hypertext by htxt.media are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Permissions beyond the scope of this license may be available at Hypertext. Where images and material are supplied by rights holders outside of htxt.media, original publishing licences are indicated and unaffected.
Click here to suggest a story.
Click here for advertising.
© 2024. All rights reserved by HTXT.