Your browser does not support JavaScript!

Author: Tronserve admin

Thursday 29th July 2021 04:54 PM

Researchers ASUS Computers Infected by Auto-Update Virus


image cap
147 Views

BOSTON (AP) — In a sophisticated focused espionage activity, hackers affected tens of thousands of computers from the Taiwanese business ASUS with malevolent software using the company's online automatic update service, security researchers reported Monday.

 

Kaspersky Lab said it discovered 57,000 infections among customers of its antivirus software. It reports that the exploit most likely impacted more than 1 million computers from the world's No. 5 computer company. The malware was designed to open a " back-door " for intruders in the infected machines, researchers said. About 50 percent of the affected Kaspersky anti-virus software customers were in Russia, Germany and France, the company said . The U.S. accounted for less than 5 percent. A Symantec spokeswoman said about 13,000 of its antivirus customers received the malicious updates. The so-called supply-chain attack was first reported by the online news site Motherboard.

 

Kaspersky said the infected software was on ASUS's Live Update servers from June to November and was signed with legit certificates. It did not notice the malware until January when new capabilities were added to its anti-virus software, the company said. Kaspersky said its experts determined that the malware was set for surgical espionage when they saw that it was made to accept a second malware payload for specific computers based on distinctive identifiers of their network connections. It defined more than 600 computers created to obtain the payload. In a blog post and answers to emailed questions, the company said the nature of the second malware payload was unknown because the server that delivered it was no longer active. Kaspersky said that while it is too early to know who was behind the operation, it is steady with a 2017 incident blamed by Microsoft on a Chinese state-backed group the company calls BARIUM. ASUS did not promptly react to two emailed requests seeking comment.



This article is originally posted on Manufacturing.net


Share this post:


This is the old design: Please remove this section after work on the functionalities for new design

Posted on : Thursday 29th July 2021 04:54 PM

Researchers ASUS Computers Infected by Auto-Update Virus


none
Posted by  Tronserve admin
image cap

BOSTON (AP) — In a sophisticated focused espionage activity, hackers affected tens of thousands of computers from the Taiwanese business ASUS with malevolent software using the company's online automatic update service, security researchers reported Monday.

 

Kaspersky Lab said it discovered 57,000 infections among customers of its antivirus software. It reports that the exploit most likely impacted more than 1 million computers from the world's No. 5 computer company. The malware was designed to open a " back-door " for intruders in the infected machines, researchers said. About 50 percent of the affected Kaspersky anti-virus software customers were in Russia, Germany and France, the company said . The U.S. accounted for less than 5 percent. A Symantec spokeswoman said about 13,000 of its antivirus customers received the malicious updates. The so-called supply-chain attack was first reported by the online news site Motherboard.

 

Kaspersky said the infected software was on ASUS's Live Update servers from June to November and was signed with legit certificates. It did not notice the malware until January when new capabilities were added to its anti-virus software, the company said. Kaspersky said its experts determined that the malware was set for surgical espionage when they saw that it was made to accept a second malware payload for specific computers based on distinctive identifiers of their network connections. It defined more than 600 computers created to obtain the payload. In a blog post and answers to emailed questions, the company said the nature of the second malware payload was unknown because the server that delivered it was no longer active. Kaspersky said that while it is too early to know who was behind the operation, it is steady with a 2017 incident blamed by Microsoft on a Chinese state-backed group the company calls BARIUM. ASUS did not promptly react to two emailed requests seeking comment.



This article is originally posted on Manufacturing.net

Tags:
infection by autoupdate virus