Operation ShadowHammer: 1 Million ASUS Devices Compromised With Malware
Smart Devices users often get excited with the latest software & patch updates promising new functionalities and security benefits. What if the update is compromised at the source making your provider the distributor of the malware?
That’s what happened with about a million users of ASUS products, first reported by Motherboard(vice.com). The servers of the company were hacked and used for the malware distribution for at least five months.
Kaspersky Labs dubbed the attack as ‘ShadowHammer’, with reportedly million devices being compromised including laptops, smartphones, home appliances, PCs, and other consumer electronic devices from ASUS. To make the update look genuine, the signatures were also made legitimate, and even the file size was made the same as the original update file.
Kaspersky plans to release the detailed analysis of the attack next month in their cybersecurity conference. ASUS already confirmed the infected devices to be approximately a million. However, the exact count is yet to be revealed.
The reason this attack has been creating waves in the cyber communities is that it was methodical, simple and exclusively targeted a specific pool with their MAC addresses. ASUS users can check whether their device is affected or not in 2 ways:
1- Online search for their MAC address in the list of infected devices
2- Run this tool in their device