Kaspersky said it found backdoors in the updates pushed by the ASUS update server. According to new research from the Moscow-based security firm, this had been happening for at least 5 months last year before it was discovered.
The researchers estimate that half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems. The malware searched for targeted systems through their unique MAC addresses. Once on a system, if it found one of these targeted addresses, the malware reached out to a command-and-control server the attackers operated, which then installed additional malware on those machines.
Kaspersky has introduced a new technology in its products that is capable of detecting supply-chain attacks; it can dig into the code and find malicious activities.
Hackers modified the ASUS Live Update utility, which delivers BIOS, UEFI and software updates to ASUS laptops and desktops, added a backdoor to it, and then distributed it to users through the official channel.
The malware sent along with the updates was signed with a legitimate certificate and was hosted on the official ASUS server dedicated to updates, which allowed it to stay undetected for a long time. The hackers also made sure the malicious file was the same size as the original file.
Kaspersky believes that the malware was distributed to at least 1 million users. However, not all of those users were targeted: only 600 out of a million devices were. The hackers targeted only specific MAC addresses, whose hashes were hardcoded into different versions of the utility. The malware gives the hacker command and control over the infected system, which they can then control as they wish.
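
The hash comparison described above can be turned around as a defensive check: given a published list of targeted MAC hashes, test whether any local adapter is on it. This is an added example, not code from Kaspersky, ASUS or this post; the function names, the choice of MD5 over the six raw address bytes, and the sample data are assumptions, since the post does not say how the hashes were computed.

```python
import hashlib
import re

# Matches colon- or dash-separated 48-bit MACs in arbitrary tool output.
MAC_RE = re.compile(r"\b(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}\b")

def macs_from_text(text):
    """Extract MACs from output such as `ipconfig /all`, `getmac` or `ip link`."""
    found = {m.group(0).upper().replace("-", ":") for m in MAC_RE.finditer(text)}
    return sorted(found)

def mac_digest(mac, algo="md5"):
    """Hash the six raw address bytes (assumed encoding) and return lowercase hex."""
    raw = bytes.fromhex(mac.replace(":", ""))
    return hashlib.new(algo, raw).hexdigest()

def targeted_macs(text, target_hashes, algo="md5"):
    """Return the MACs found in `text` whose digest is in the published list."""
    wanted = {h.strip().lower() for h in target_hashes}
    return [m for m in macs_from_text(text) if mac_digest(m, algo) in wanted]

# Constructed sample: adapter listing using documentation-range addresses.
SAMPLE_OUTPUT = """\
Ethernet adapter Ethernet:
   Physical Address. . . . . . . . . : 00-00-5E-00-53-01
Wireless LAN adapter Wi-Fi:
   Physical Address. . . . . . . . . : 00-00-5E-00-53-AF
"""

# Constructed stand-in for a published list: derived from one sample address
# plus a dummy value. These are not real indicators.
SAMPLE_TARGETS = [mac_digest("00:00:5E:00:53:AF").upper(), "0" * 32]

if __name__ == "__main__":
    hits = targeted_macs(SAMPLE_OUTPUT, SAMPLE_TARGETS)
    for mac in hits:
        print(f"adapter {mac} matches a published target hash")
    if not hits:
        print("no adapter matches the published target hashes")
```

To check a real machine, pass the saved output of the adapter listing command and the vendor-published hash list in place of the constructed samples.
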
Kaspersky reported this to ASUS, which has now fully patched it. Most antivirus products will also detect these kinds of attacks now, but it is still advisable to update your ASUS systems again.
Thank You for Reading My Post, I Hope It Will Be Useful For You
I Will Be Very Happy To Help You So For Queries or Any Problem Comment Below Or You Can Mail Me At Bhanu@HackingDream.net