Advertisement

Updated March 26th, 2019 at 14:22 IST

Tens of thousands of Asus computers infected by auto-update virus: Report

In a sophisticated targeted espionage operation, hackers infected tens of thousands of computers from the Taiwanese vendor ASUS with malicious software using the company’s online automatic update service, security researchers reported Monday.

| Image:self
Advertisement

In a sophisticated targeted espionage operation, hackers infected tens of thousands of computers from the Taiwanese vendor ASUS with malicious software using the company’s online automatic update service, security researchers reported Monday.

Kaspersky Lab said it detected 57,000 infections among customers of its antivirus software. It estimates that the exploit likely affected more than 1 million computers from the world’s No. 5 computer company.

The malware was designed to open a “backdoor” for intruders in the infected machines, researchers said.

About 50 per cent of the affected Kaspersky anti-virus software customers were in Russia, Germany and France, the company said. The U.S. accounted for less than 5 per cent.

A Symantec spokeswoman said about 13,000 of its antivirus customers received the malicious updates.

The so-called supply-chain attack was first reported by the online news site Motherboard.

READ | Five Google Chrome Security Tips to Ensure Safety and Privacy While you Surf the Internet

READ | New Instagram phishing scam could be on the rise: Tips to protect your account

Kaspersky said the infected software was on ASUS’s Live Update servers from June to November and was signed with legitimate certificates. It did not detect the malware until January, when new capabilities were added to its anti-virus software, the company said.

Kaspersky said its researchers determined that the malware was programmed for surgical espionage when they saw that it was designed to accept a second malware payload for specific computers based on unique identifiers of their network connections. It identified more than 600 computers programmed to receive the payload.

In a blog post and answers to emailed questions, the company said the nature of the second malware payload was unknown because the server that delivered it was no longer active.

Kaspersky said that while is too early to know who was behind the operation, it is consistent with a 2017 incident blamed by Microsoft on a Chinese state-backed group the company calls BARIUM.

ASUS did not immediately respond to two emailed requests seeking comment.

Advertisement

Published March 26th, 2019 at 14:22 IST

Your Voice. Now Direct.

Send us your views, we’ll publish them. This section is moderated.

Advertisement
Advertisement

Trending Quicks

Jailed Gangster Mukhtar Ansari Passes Away
a few seconds ago
Marginalised Communities Reaching Top Govt Positions Due To 'Affirmative Action': Justice B R Gavai
a few seconds ago
Retired Police constable gets five-year jail term for molesting minor girl
5 minutes ago
Life Insurance Corporation
6 minutes ago
Elon Musk announces successful Neuralink brain chip implant in human recipient amidst controversy
10 minutes ago
Congress Press Conference
15 minutes ago
Allu Arjun
16 minutes ago
Kia Motors
17 minutes ago
Mastering NDA Preparation: The Importance of Effective Revision Strategies and Organized Study Materials
29 minutes ago
Advertisement
Advertisement
Advertisement
Whatsapp logo