MALWARE IN ASUS SOFTWARE UPDATES
THE STORY: Kaspersky claims to have discovered the malware attack in January after Asus Live Update Utility was hacked to silently install malware over multiple devices. This attack infected thousands of computers with malware from Asus’ own update tool.
WHAT’S THE ASUS SOFTWARE UPDATE NEWS?
The researchers discovered the hack in January, right after hackers took over the Asus Live Update Utility with an intention to float malware on multiple devices. The hack is named as ‘Operation ShadowHammer’ by Kaspersky, which went on from June to November 2018.
Kaspersky also revealed that the hack is estimated to have affected more than 57,000 users. Kaspersky Lab reveals that it was able to uncover the attack only after introducing a new supply-chain detection technology to its scanning tool. This technology enables the tool to detect anomalous code fragments hidden in original code.
Now that Kaspersky found that Asus latest software updates affected 57000 machines, it was able to find this number for its own users. However, the actual figure of affected machines is estimated to be more than a million. Moreover, Asus latest software updates are preinstalled over many new Asus computers.
The malware in Asus software update helped hackers to infect computers without raising any red flags due to the fact that they used Asus’ legitimate security certificate that was hosted over Asus’ own servers.
IS ASUS SOFTWARE UPDATES SAFE TO INSTALL?
The present situation might leave you thinking about the credibility of any automatic update. However, distrusting every automatic update may leave your computer unprotected against another type of threat. Most of the companies believe that users would download and install the security patches to safeguard their machines from any new malware. You may recall the widespread WannaCry ransomware, for example, that affected millions of computers because users did not install the security update released in 2017.
As far as credibility is concerned, the hack on Asus’ automatic update tool leads to another concern, where users have to be sceptical about the security patches from the source as hackers are leaving no stone unturned to exploit a trusted relationship. It is important to know that this is not the first supply-chain attack, CCleaner, the popular utility tool was also hijacked to install malware over millions of machines in 2017.
According to Vitaly Kamluk, sia-Pacific director of Kaspersky Lab’s Global Research and Analysis Team, “This attack shows that the trust model we are using based on known vendor names and validation of digital signatures cannot guarantee that you are safe from malware,”. He also noted that ASUS denied to Kaspersky that its server was ever compromised and that the malware arrived from its server. However, Kamluk said, the download path for the malware samples that Kaspersky collected reveal the path back to the ASUS server.
Tips to Prevent virus and malware from Infecting Your System:
- Enable your popup blocker: Pop-ups and ads on the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs.
So, avoid clicking uncertain sites, software offers, pop-ups etc. and Install a powerful ad- blocker for Chrome, Mozilla, and IE
- Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update.By doing this you can keep your device free from virus.According to the survey, outdated/older versions of Windows operating system are an easy target.
- Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
- Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection.Thus always backup important files regularly on a cloud drive or an external hard drive.
- Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good Malware Removal Tool like Download Virus RemovalTool
