Asus devices have reportedly been hacked, paving the way for cybercriminals to install backdoor malware on more than 1 million Windows devices, according to a report from Kaspersky.
The cybersecurity firm wrote on its blog post about Asus, a Taiwan-based hardware manufacturer, which saw its devices be compromised by hackers. They were able to hijack Asus’ latest update service to send malicious software onto the company’s consumer-owned devices.
Kaspersky added that hackers were able to gain access on Asus Live Update Utility, designed to provide software updates for Asus notebooks and PCs, and used it to install a backdoor on machines around the world. The backdoor is being labeled ShadowHammer, and it hit roughly 1 million Windows computers over the course of five months.
The silver lining in all this is the fact that hackers were only interested in targeting roughly 600 of these machines, as these were the only PCs with additional malware installed on them through the backdoor. Cybercriminals were able to disguise the malicious file by signing it with the real Asus digital certificates.
Plus, perpetrators ensured that the file size of the software update would be the exact same as the original to avoid any suspicions. Hackers have only exploited a small number of machines to help keep the malware remain under the radar. However, they could easily expand on this attack and target more devices.
