Quote:A cybercriminal campaign focused on targeting the supply chain through the exploitation of ASUS Live Update software may have involved the installation of backdoors on over one million PCs.
 
On Monday, researchers from Kaspersky Labs said the attack was first detected in January 2019. It is believed that the campaign, dubbed Operation ShadowHammer, took place between June and November 2018 and has potentially compromised countless users -- despite there being only a small list of individuals the hackers wished to target.

Operation ShadowHammer leverages the ASUS Live Update Utility, which comes pre-installed on the majority of ASUS computers.
 
ASUS Live Update is intended for ensuring computer systems, such as drivers, apps, BIOS, and UEFI all receive upgrades and patches when they are due, but it is this valuable utility that cyberattackers have managed to compromise.
 
Kaspersky was able to track down over 57,000 of its own customers that unwittingly downloaded and installed the malicious software and while the cybersecurity firm is unable to provide direct figures of all those affected, the firm says that it estimates "the real scale of the problem is much bigger and is possibly affecting over a million users worldwide."

Quote:ASUS Live Update version 3.6.8 contains the aforementioned fixes, the hardware vendor announced in a press release today.
 
The company said ASUS Live Update v3.6.8 "introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism."
 
ASUS also said it updated and strengthened its "server-to-end-user software architecture to prevent similar attacks from happening in the future."