Users of the ASUS Live Update beware, you could install backdoor

  1. AndreTen's Avatar
    Posts : 16,950
    Windows 10 (Pro and Insider Pro)
       #1

    Users of the ASUS Live Update beware, you could install backdoor


    As Kaspersky lab announced today, users of ASUS hardware are possible targets of hackers attack:

    The actors behind ShadowHammer targeted the ASUS Live Update Utility as the initial source of infection. This is a pre-installed utility in most new ASUS computers, for automatic BIOS, UEFI, drivers and applications updates. Using stolen digital certificates used by ASUS to sign legitimate binaries, the attackers have tampered older versions of ASUS software, injecting their own malicious code. Trojanized versions of the utility were signed with legitimate certificates and were hosted on and distributed from official ASUS update servers which made them mostly invisible to the vast majority of protection solutions.
    Read more at Kaspersky lab site:
    press-releases | operation-shadowhammer-new-supply-chain-attack

    Brink already posted this, so it could be deleted. Sorry

    tenforums | windows-10-news/129563-operation-shadowhammer-apt-targeted-asus-live-update-utility
      My ComputersSystem Spec

  2.    #2

    Well now, so my dislike of digital certificates has been vindicated?...

    In this case, if they contained the hash of the supplied exe/dll there would not be a problem? ... Smartscreen and most AV's could verify upfront...right?
      My ComputerSystem Spec


 

Related Threads
Read more: https://www.kaspersky.com/about/press-releases/2019_operation-shadowhammer-new-supply-chain-attack Operation ShadowHammer | Securelist
Hi folks Those of you making WindowstoGo using Wintousb software will be disappointed by this release 1) you can't create it via the install windows with the ISO or wim images 2) clone current system fails on boot. 3)macrium fix windows boot...
Hi there. On a Clean install if you have multiple HDD's all with 100% "unallocated space" and no partition table (gpt flag) as far as Windows is concerned even though those unallocated partitions are Native partitions for another OS the...
Solved New Update today BEWARE! in Windows Updates and Activation
I just did the latest update. At least it was for me. Low and behold Microsoft decided to install a little EXTRA DRM on me without notice. It's a file called Au.exe and was in the temp folder. The actual program name is Online Games Manager...
Hi there. knowing how bad large corporations are in testing and roiling out software - especially with the amount of Offshoring and lack of QC done "in the name of Cost reductions" I expect to see these Forums being filled with howls of anguish...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 05:41.
Find Us