Own an Asus computer? Malware might be hiding in your system

Asus ZenBook 14 UX433FN
Mark Coppock/Digtial Trends

If you own an Asus computer, your system might have been infected by malware distributed from the tool you typically use to update BIOS and install other important security patches. That’s all according to a new report from researchers at the Russian-based cybersecurity company, Kaspersky Lab.

The initial hack was first discovered in January and, in the period of five months, could have impacted up to one million different computers. According to Kaspersky, hackers apparently leveraged a back door attack and modified the ASUS Live Update Utility so it delivered a payload with malware — making it seem as though it was coming from official sources.

The backdoor was given the name “ShadowHammer” and peaked between June and November 2018. Up to 57,000 people using Kaspersky software were impacted, though it is believed that only 600 specific computers were originally intended as targets. Hackers even went as far as to ensure that the files were signed with authentic digital certificates — and to make sure that file sizes were the same size as ones distributed by Asus.

In response, Asus has released an online security diagnostic tool which helps check for affected systems. The company encourages users who are concerned to run it as a precaution. A fix in the latest version (3.6.8) of the Live Update Software addresses the issue and introduces multiple security verification mechanisms and end-to-end encryption to prevent malicious manipulation in the form of security updates.

Asus has also updated and strengthened its server-t0-end user software architecture to prevent similar attacks from happening in the future.

“Asus Live Update is a proprietary tool supplied with ASUS notebook computers to ensure that the system always benefits from the latest drivers and firmware from ASUS. A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group,” said Asus in a statement.

Other than Kaspersky Lab, Symantec, a cybersecurity firm based in the United States, also confirmed the discovery of the ShadowHammer malware. According to a report from Motherboard, up to 13,000 computers running Symantec software were impacted.

This type of supply-chain attack is not necessarily new. Back in 2017, the popular CCleaner system maintenance application was found to have distributed malware to millions of computers through its official channels. That was eventually patched, but not before the attacks went on for a period of 22 days. These attacks are also designed to reduce trust in legitimate sources and institutions.

Updated on March 27 with a statement from Asus, and additional information on online security diagnostic tool

Emerging Tech

Motion-sensing shrubs and robo-Venus flytraps: Inside the world of Cyborg Botany

From motion-sensing plants to a Venus Flytrap you control using a computer, Harpreet Sareen is the brains behind a weird field called Cyborg Botany. Here's why he believes it matters.
Movies & TV

The best shows on Netflix right now (May 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Home Theater

Plex is free and easy, and you'll wonder how you survived without it

If you want a Netflix-like experience for the media you already own, you need Plex. It's the free media center software that automatically catalogs and plays your movies, music, photos, and more, on your TV. Here's how to use it.

Your PlayStation 4 game library isn't complete without these games

Looking for the best PS4 games out there? Out of the massive crop of titles available, we selected the best you should buy. No matter what your genre of choice may be, there's something here for you.

Keep your kids safe online with these great parental control tools

The internet can be a dangerous place, especially for your loved ones. Check out our selection of the best free parental control software for Windows and MacOS, so you can monitor your child and block unsavory sites.

These external drives have speed, durability, and storage space to spare

Whether you want an external storage drive that is fast, portable, or comes with a ton of storage, these are the best external hard drives available today. They all come with great features and competitive pricing.

Here’s how to watch AMD reveal its new Ryzen chips at Computex

AMD will hold a pre-Computex keynote May 27 to announce its new line of 3rd-generation Ryzen processors and accompanying Radeon Navi graphics cards. Here's how to watch the keynote live wherever you are in the world.

The 2019 ThinkPad lineup is robust. Here's how to pick the right one for you

Be it the X series, the T series, E series, it can be tough to find the best Lenovo laptop that is right for you. To help, we'll break down all the options available to make your choice a more informed one.

Should you buy a MacBook Pro or a Razer Blade Stealth? We'll help you decide

Laptop head to heads are a great way to see which one might be the right one for you. Our latest sees the Razer Blade Stealth (2019) vs. MacBook Pro in a fight to see which one deserves to be your next laptop.

AMD's latest Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.

Ryzen 3000 chips will pack a punch, and could launch as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far.

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.

The best Amazon Prime Day 2019 deals: Everything you need to know

Amazon Prime Day 2019 is still a few months off, but it's never too early to start preparing. We've been taking a look at the best discounts from previous Prime Days to give you our predictions of what to expect this year.

Microsoft might finally embrace USB-C on next-gen Surface Pro 7

USB-C could finally come to Microsoft's Surface Pro tablet. According to a Microsoft patent filing, the port was shown in an illustration, suggesting that the company is working to support this feature in the future.