HACKERS INSTALL BACKDOORS ON ASUS MACHINES

IF YOU’VE GOT AN ASUS MACHINE, YOU MAY HAVE A PROBLEM.

OVER HALF A MILLION COMPUTERS HAVE BEEN AFFECTED BY MALWARE THAT PROVIDES BACKDOOR ACCESS TO HACKERS.

The sophisticated supply chain attack that is dubbed “Operation ShadowHammer” has compromised one of ASUS’ servers which is used to provide updates via the ASUS Live Update utility tool.

Researchers at Kaspersky Labs had uncovered the attack in January 2019 however, investigations are still in progress and full results and technical papers will be published during SAS 2019 conference in Singapore.

ASUS Live Update is an utility that is pre-installed on most ASUS computers and is used to automatically update certain components such as BIOS, UEFI, drivers, and applications. According to Gartner, ASUS is the world’s 5th-largest PC vendor by 2017 unit sales. This makes it an enticing target is given the size of their userbase.

Kaspersky has reported that over 57,000 Kaspersky users have downloaded and installed the backdoored version of ASUS Live Update at some point in time and the malware was estimated to have affected over half a million ASUS users using other antivirus software.

The hackers gained access to the ASUS Server and were able to fraudulently sign the trojanized malware files using an authentic ASUS digital certificate.

Digital signature on a trojanized ASUS Live Update setup installer

The malware targeted an unknown pool of users, identified by their network adapters’ MAC addresses but some evidence collected by Kaspersky correlated the attack to the ShadowPad attack in 2017. The perpetrator behind ShadowPad has been publicly identified by Microsoft in court documents as BARIUM. BARIUM is an APT actor known to be using the Winnti backdoor.

As a result of this attack, Kaspersky Labs has created a tool that can be run to determine if your computer has been one of the surgically selected targets of this attack. To check this, it compares MAC addresses of all adapters to a list of predefined values hard-coded in the malware and alerts if a match was found.

Download an archive with the tool (.exe)

Also, you may check MAC addresses online. If you discover that you have been targeted by this operation, please e-mail us at: info@leslieleefook.com.



Incus Services
Incus Services
50 Google reviews
Marsha Rudon
Marsha Rudon
2021.11.19.
I thoroughly enjoyed this course. The material presented is invaluable. I can see how Tableau can help our organization to ask and answer, the really difficult questions and help us inevitably to increase our profitability. Thank you to all the presenters who have helped peak my interest in BI.
Samantha Singh
Samantha Singh
2021.11.18.
Very interactive workshop, awesome coaches and definitely value for your money, I highly recommend this workshop and Incus Services !!! You will not regret it
Nicole Orosco
Nicole Orosco
2021.11.18.
The workshop was very hands on, this team was very knowledgeable about the process. I fully endorse 100%. They left me wanting to know more about data Analytics and to develop this skill. Time is life, Team Incus it is!!!
I Beneebee
I Beneebee
2021.11.18.
Wasn't expecting so much for the first day of a workshop. But by the end of the session I was able to create my 1st Tableau Dashboard. Learned tips for better visual presentations, Learned how to incorporate color, publish and present the dashboard. The onus is on me to recreate this now in my own environment. Pressure TALL! Great Job Incus Services!!
Mark Eting
Mark Eting
2021.11.18.
Exceptional
Edward Alexander
Edward Alexander
2021.11.18.
Day 1 of the workshop was excellent. The basics of Tableau and data analytics were covered in a very pragmatic way that provided a solid foundation to start working with real data.
James Padji
James Padji
2021.10.08.
I was not sure what to expect because the class was taught remotely, but I was quite impressed with the entire process. The facility was very professional and there were no problems with connectivity. The instructor's were experts and very clear in there method of teaching. The things I learned I can and will surely use in my daily work.
Frans Amatali
Frans Amatali
2021.10.07.
Thank you for the opportunity. It was an amazing journey in Data Analytics using Tableau. From the coaches I have learned how to Aggregate, Sort and Filter data putting it into a dashboard on how to solve problems using this software. As a group (2) we had to do it by ourselfs and present the data by telling our story about the data and give our findings and recommendation. It was fantastic. Thanks to everyone and especially the Coaches.
AKASH KING
AKASH KING
2021.10.07.
Amazing workshop! Learned a lot! Very professional and fun.
About Us
We are B2B consultants focusing on business intelligence and cyber security serving both large and medium sized organizations by helping them solve their data challenges. With the current advancements in technology, it is imperative that all organizations have a data strategy. It is no longer business as usual and for many organizations. The need for data-driven decision making isn’t a question of strategic advantage but of survival.
Learn More