Kaspersky Labs expose malicious updates for ASUS laptops

A threat actor modified the ASUS Live Update Utility.

|

Experts at Kaspersky Labs have uncovered what seems to be one of the biggest supply-chain incidents ever. A threat actor modified the ASUS Live Update Utility, which delivers BIOS, UEFI, and software updates to ASUS laptops and desktops added a back door to the utility and then distributed it to users through official channels.

 
Kaspersky Labs expose malicious updates for ASUS laptops

The trojanized utility was signed with a legitimate certificate and was hosted on the official ASUS server dedicated to updates, and that allowed it to stay undetected for a long time. The criminals even made sure the file size of the malicious utility stayed the same as that of the original one.

 

According to Kaspersky statistics, more than 57,000 users have installed the backdoored utility, but we estimate it was distributed to about 1 million people total. The cybercriminals behind it were not interested in all of them, however - they targeted only 600 specific MAC addresses, for which the hashes were hardcoded into different versions of the utility.

While investigating this attack, Kaspersky found out that the same techniques were used against software from three other vendors. The security firm notified ASUS and other companies about the attack. As of now, all Kaspersky Lab solutions detect and block the trojanized utilities, but users are suggested to update the ASUS Live Update Utility.

Best Mobiles in India

Read More About: asus laptops kaspersky news

Best Phones

Get Instant News Updates
Enable
x
Notification Settings X
Time Settings
Done
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X
X