Own an Asus computer? Malware might be hiding in your system

Asus ZenBook 14 UX433FN
Mark Coppock/Digtial Trends

If you own an Asus computer, your system might have been infected by malware distributed from the tool you typically use to update BIOS and install other important security patches. That’s all according to a new report from researchers at the Russian-based cybersecurity company, Kaspersky Lab.

The initial hack was first discovered in January and, in the period of five months, could have impacted up to one million different computers. According to Kaspersky, hackers apparently leveraged a back door attack and modified the ASUS Live Update Utility so it delivered a payload with malware — making it seem as though it was coming from official sources.

The backdoor was given the name “ShadowHammer” and peaked between June and November 2018. Up to 57,000 people using Kaspersky software were impacted, though it is believed that only 600 specific computers were originally intended as targets. Hackers even went as far as to ensure that the files were signed with authentic digital certificates — and to make sure that file sizes were the same size as ones distributed by Asus.

In response, Asus has released an online security diagnostic tool which helps check for affected systems. The company encourages users who are concerned to run it as a precaution. A fix in the latest version (3.6.8) of the Live Update Software addresses the issue and introduces multiple security verification mechanisms and end-to-end encryption to prevent malicious manipulation in the form of security updates.

Asus has also updated and strengthened its server-t0-end user software architecture to prevent similar attacks from happening in the future.

“Asus Live Update is a proprietary tool supplied with ASUS notebook computers to ensure that the system always benefits from the latest drivers and firmware from ASUS. A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group,” said Asus in a statement.

Other than Kaspersky Lab, Symantec, a cybersecurity firm based in the United States, also confirmed the discovery of the ShadowHammer malware. According to a report from Motherboard, up to 13,000 computers running Symantec software were impacted.

This type of supply-chain attack is not necessarily new. Back in 2017, the popular CCleaner system maintenance application was found to have distributed malware to millions of computers through its official channels. That was eventually patched, but not before the attacks went on for a period of 22 days. These attacks are also designed to reduce trust in legitimate sources and institutions.

Updated on March 27 with a statement from Asus, and additional information on online security diagnostic tool


Asus launches a fleet of ROG gaming laptops with 240Hz screens and 9th-gen CPUs

Asus launched updates to nearly every gaming laptop line they have, ranging from the high-end Zephyrus to the budget-level TUF Gaming. The naming schemes might be hard to parse, but there are some impressive options in Asus' new lineup.

We tried all the latest and greatest smartphones to find the best of 2019

Smartphones are perhaps the most important and personal piece of tech on the planet. That’s why it’s important to pick the best phone for your individual needs. Here are the best smartphones you can buy.

Whether by the pool or the sea, make a splash with the best waterproof phones

Whether you're looking for a phone you can use in the bath, or you just want that extra peace of mind, waterproof phones are here and they're amazing. Check out our selection of the best ones you can buy.

Your PlayStation 4 game library isn't complete without these games

Looking for the best PS4 games out there? Out of the massive crop of titles available, we selected the best you should buy. No matter what your genre of choice may be, there's something here for you.

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.

Nvidia’s new GTX 1660 Ti and 1650 graphics cards for laptops start at $799

Nvidia announced the GTX 1660 Ti and GTX 1650, two new mobile graphics cards to flesh out the Turing lineup for laptops. These GPUs don't have the ray tracing capabilities of the RTX 20 series, but start at much lower prices.
Product Review

Without 4K or Core i9, the new Razer Blade Pro trades features for polish

Razer hasn’t updated its 17-inch gaming laptop for a couple of years, while showering most of its attention on the smaller sibling. The new Razer Blade Pro takes a lot of cues from the 15-inch model, stretching it out for the big screen.

Microsoft reverses decision and extends lifeline to MS Paint for Windows 10

Microsoft reversed its decision to deprecate the classic MS Paint software on Windows 10. Microsoft announced on Twitter that the mainstay free image editor that comes pre-installed with Windows will live on for now.

Acer gives Predator, Nitro gaming notebooks CPU and GPU upgrades

Acer's latest gaming notebooks will be getting a processor and graphics boost. The company announced that Intel's ninth-generation mobile CPU and Nvidia's GTX 1660 Ti will land on the Predator Helios 300, Nitro 7, and Nitro 5 laptops.

Dell’s XPS 15 steps up its game with next-gen Intel, Nvidia chips

Dell announced a redesigned XPS 15 with a webcam positioned up top, and the internals make this Ultrabook an even better gaming laptop. The XPS 15 can be configured with Intel's 9th-Gen processors and Nvidia's GTX 16-Series GPU.

From simple work tools to high-end gaming peripherals, these are the best mice

If you're looking to buy the best mouse for you, whether it's for gaming or work, we have something for you. We've put together a list of our favorite mice, all of which have great features and sell at a great price.

Amazon drops deals on Razer, Netgear, and Western Digital PC accessories

Grab these deals while you can: As part of their Deal of the Day promotion, Amazon is offering deep discounts on a wide variety of PC accessories including premium gaming mice, external hard drives, and even Wi-Fi routers.

WWDC 2019 Complete Coverage

Apple’s Worldwide Developer Conference is a key tech event each year, and for Apple fans, it will be one of the two best times of 2019 (along with "new iPhone day," of course). For the last few years, Apple has debuted much of its…

AMD's upcoming Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.