Asus acknowledges computers infected by auto-update virus

Asus said in a prepared statement that the malware infected a small number of devices in an attempt to target a very small, specific user group. It did not specify how many or who.

By: ASSOCIATED PRESS
| Updated on: Aug 20 2022, 13:59 IST
Kaspersky Lab said hackers infected tens of thousands of computers from the Taiwanese vendor ASUS with malicious software for months last year through the company’s online automatic update service.
Kaspersky Lab said hackers infected tens of thousands of computers from the Taiwanese vendor ASUS with malicious software for months last year through the company’s online automatic update service. (AP)

The Taiwanese computer company Asus is acknowledging that suspected nation-state hackers planted malware on its online automatic update service in a sophisticated and targeted espionage operation.

Security researchers at Kaspersky Lab disclosed Monday that hackers infected tens of thousands of Asus computers last year in the scheme. Kaspersky said it detected 57,000 infections among customers of its antivirus software. It estimated the exploit likely affected more than 1 million computers.

You may be interested in

MobilesTablets Laptops
27% OFF
Asus ROG Phone 5 Ultimate
  • Storm White
  • 18 GB RAM
  • 512 GB Storage
26% OFF
Asus ROG Phone 3 256GB
  • Black
  • 12 GB RAM
  • 256 GB Storage
49% OFF
Asus ROG Phone 5s 5G 256GB
  • Phantom Black
  • 12 GB RAM
  • 256 GB Storage
49% OFF
Asus ROG Phone 5 256GB
  • Phantom Black
  • 12 GB RAM
  • 256 GB Storage

The malware was designed to open a "backdoor" for intruders in infected machines.

Also read
Looking for a smartphone? To check mobile finder click here.

Asus said in a prepared statement that the malware infected a small number of devices in an attempt to target a very small, specific user group. It did not specify how many or who.

The world's No. 5 computer company said it fixed the compromised updating software, which automatically sends drivers and firmware to Asus laptops when authorized by users.

Asus did not respond to emailed questions. Nor did it acknowledge that Kaspersky notified it of the so-called supply-chain attack, which was first reported by the online news site Motherboard. Cybersecurity experts say such attacks are likely far more common than is known.

About 50 percent of the affected Kaspersky anti-virus software customers were in Russia, Germany and France, the company said. The U.S. accounted for less than 5 percent.

A Symantec spokeswoman said about 13,000 of its antivirus customers received the malicious updates.

The infected software was on Asus's Live Update servers from June to November and was signed with legitimate certificates, according to Kaspersky. It did not detect the malware until January, when new capabilities were added to its anti-virus software, the company said.

Kaspersky said its researchers determined that the malware was programmed for surgical espionage when they saw that it was designed to accept a second malware payload for specific computers based on unique identifiers of their network connections. It identified more than 600 computers programmed to receive the payload.

In a blog post and answers to emailed questions, the company said the nature of the second malware payload was unknown because the server that delivered it was no longer active.

Kaspersky said that while is too early to know who was behind the operation, it is consistent with a 2017 incident blamed by Microsoft on a Chinese state-backed group the company calls BARIUM.

Asus did not address which state-backed hacking group may have been responsible but noted that their targets are not average consumers.

 

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 27 Mar, 17:02 IST
NEXT ARTICLE BEGINS