[ March 27, 2019 ]
Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS.
A group of state-sponsored hackers last year managed to hijack ASUS Live automatic software update server between June and November 2018 and pushed malicious updates to install backdoors on over one million Windows computers worldwide.
The malicious file was signed with legitimate ASUS digital certificates in order to make it look an official software update from the company and to remain undetected for a long time.
According to cybersecurity researchers from Russian firm Kaspersky Lab, who discovered the attack and dubbed it Operation ShadowHammer, Asus was informed about the ongoing supply chain attack on Jan 31, 2019.
Cyber Security Tips :
– The antivirus firm has also released an automated tool for users to check whether they had specifically been targeted by the ShadowHammer advanced persistent threat.