22:08 GMT +318 April 2019
Listen Live
    Kaspersky Lab office in Moscow

    Asus Software Update Platform Hacked, Used to Spread Malware – Kaspersky Lab

    © Sputnik / Kirill Kallinikov
    Tech
    Get short URL
    117

    The virus, distributed from the tech maker’s official website, could potentially affect 1 million computers, the cybersecurity firm says.

    The software update service for Taiwan-based tech manufacturer Asus was hacked and exploited to disseminate malware from June to November 2018, cybersecurity firm Kaspersky Lab says. The firm discovered the "chain attack" in January 2019.

    The malware was signed with the official Asus digital certificate and in general appeared to be a genuine software update, one marked as "critical," at that, the Kaspersky Lab said, Motherboard reported Tuesday.

    It appears that, despite being distributed globally, the malware was targeted at a relatively small pool of some 600 machines with specific media access control (MAC) addresses. Should the malware discover the MAC it was looking for, it would then open the door for more malicious programs to further compromise the system.

    This mode of operation led Kaspersky Lab to compare the attack to the infamous Stuxnet, a widely speculated US/Israeli-developed cyberweapon, which was also distributed indiscriminately but did little to no harm on most infected systems.

    According to The Verge, Asus has not yet contacted customers or taken action to stop the spread of the malware. In an email to the website, the company promised to come up with an official statement by Tuesday afternoon. The original report by Motherboard says Asus initially denied that the malware had originated from its servers.

    Kaspersky Lab reported that approximately 57,000 people using its antivirus software had their machines infected by the malware; the company estimates that while the total number of affected machines could be "hundreds of thousands," it also adds that the malware may potentially affect up to 1 million computers worldwide.

    Related:

    Kaspersky Lab Recorded Attempts to Hack Diplomatic Entities' Systems in Iran
    Kaspersky Spotted Leak NSA Missed as Spy Agency Lacks ‘Good Handle’ on Security
    US NSA Uses Kaspersky Lab to Catch Hacker Then Bans Firm in Return - Reports
    Cyberattacks on Critical Infrastructure Facilities Are Sporadic – Kaspersky Lab
    Kaspersky Lab to Stay in US Despite Rejection of Company's Lawsuit Against Gov't
    US Appeals Court Upholds Dismissal of Kaspersky Lab's Lawsuit - Filing
    Tags:
    cybersecurity, software, malware, Asus, Kaspersky Lab, Russia, Taiwan
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik