Skip to main content

Own an Asus computer? Malware might be hiding in your system

Asus ZenBook 14 UX433FN
Mark Coppock/Digtial Trends

If you own an Asus computer, your system might have been infected by malware distributed from the tool you typically use to update BIOS and install other important security patches. That’s all according to a new report from researchers at the Russian-based cybersecurity company, Kaspersky Lab.

The initial hack was first discovered in January and, in the period of five months, could have impacted up to one million different computers. According to Kaspersky, hackers apparently leveraged a back door attack and modified the ASUS Live Update Utility so it delivered a payload with malware — making it seem as though it was coming from official sources.

Recommended Videos

The backdoor was given the name “ShadowHammer” and peaked between June and November 2018. Up to 57,000 people using Kaspersky software were impacted, though it is believed that only 600 specific computers were originally intended as targets. Hackers even went as far as to ensure that the files were signed with authentic digital certificates — and to make sure that file sizes were the same size as ones distributed by Asus.

In response, Asus has released an online security diagnostic tool which helps check for affected systems. The company encourages users who are concerned to run it as a precaution. A fix in the latest version (3.6.8) of the Live Update Software addresses the issue and introduces multiple security verification mechanisms and end-to-end encryption to prevent malicious manipulation in the form of security updates.

Asus has also updated and strengthened its server-t0-end user software architecture to prevent similar attacks from happening in the future.

“Asus Live Update is a proprietary tool supplied with ASUS notebook computers to ensure that the system always benefits from the latest drivers and firmware from ASUS. A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group,” said Asus in a statement.

Other than Kaspersky Lab, Symantec, a cybersecurity firm based in the United States, also confirmed the discovery of the ShadowHammer malware. According to a report from Motherboard, up to 13,000 computers running Symantec software were impacted.

This type of supply-chain attack is not necessarily new. Back in 2017, the popular CCleaner system maintenance application was found to have distributed malware to millions of computers through its official channels. That was eventually patched, but not before the attacks went on for a period of 22 days. These attacks are also designed to reduce trust in legitimate sources and institutions.

Updated on March 27 with a statement from Asus, and additional information on online security diagnostic tool

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
If you have a Gigabyte motherboard, your PC might stealthily download malware
A Gigabyte Aorus Extreme motherboard.

Yet another motherboard manufacturer seems to be in trouble -- or rather, the people who own those motherboards might be. According to security researchers, countless Gigabyte boards might be vulnerable to dangerous cyberattacks.

If you want to be extra safe, there are a couple of things you can do to protect your PC. Here's what we know.

Read more
Seriously, the Asus ROG Ally could replace your desktop
The Digital Trends website on the Asus ROG Ally.

The moment I played a game on Asus' upcoming ROG Ally, it felt too good to be real. Performance is off the charts, and the form factor is surprisingly comfortable. And the more I thought about the ROG Ally after using it, the more I actually pondered replacing my high-end gaming desktop with the handheld.

I've been clear about my worries about Windows 11 on a handheld like this, and although we hear about efficiency with each new launch from AMD, Intel, and Nvidia, it's hard to feel those gains in everyday use. But the ROG Ally not only looks like the winner against the Steam Deck, it also might just replace your desktop PC.

Read more
Watch out, Steam Deck — Asus ROG Ally might run Cyberpunk at over 60 fps
Asus ROG Ally on a purple background.

Equipping the Asus ROG Ally with AMD RDNA 3 graphics might just pay off. Early leaked benchmarks of the Radeon 780M GPU show us that the gaming handheld might actually blow the Steam Deck out of the water.

According to the benchmarks, the integrated GPU might be able to run AAA titles at a smooth 60 frames per second (fps), making it superior to many discrete graphics cards. Is it time for Valve to start worrying?

Read more