- #Is asus live update needed how to#
- #Is asus live update needed update#
- #Is asus live update needed android#
- #Is asus live update needed verification#
- #Is asus live update needed software#
Which ones? #TheSAS2019 will tell in just 2 weeks. Attackers seemed to cease activity in November 2018 and switched to other targets. Important note to those who rushed when reading #ShadowHammer story: current ASUS updates are fine, according to our knowledge. Kaspersky said the group behind this attack -believed to be Chinese hackers- ceased all activity on ASUS' servers in November 2018, when they moved on to other operations. ASUS customers who click this link will not receive any useful information about the ShadowHammer attack, and will be even more confused as to how this relates to the ShadowHammer attack, which isn't even mentioned on that page. Instead of thanking the Russian antivirus vendor for discovering this security breach, ASUS linked to a web page on the website of one of Kaspersky's competitors, a page which contains generic information about nation-state hacking groups. In fact, the company's press release is somewhat disrespectful to both Kaspersky and its customerbase.
#Is asus live update needed update#
For example, how can a regular ASUS customer tell if they automatically received the backdoored version of the Live Update version or not? It's very likely that most users weren't in the scope of the ShadowHammer group, but do all ASUS users who received a backdoored version of the Live Update app need to wipe and reinstall systems to be fully safe, or updating to v3.6.8 is enough?ĪSUS said its customer service has been reaching out to affected users and providing assistance, but the company has not offered any useful information otherwise. Many other questions also remain unanswered. The company released Live Update 3.6.8, but it is unclear if updating to this version removes all traces of the older backdoored Live Update version.
#Is asus live update needed software#
It was really that targeted.- Costin Raiu March 26, 2019ĪSUS is now using this very advanced target selection mechanism as an excuse to downplay the incident's severity, completely ignoring that a hacker group had direct access to its software update servers in the process. Second stage is deployed only if both addresses match. In some cases, the #shadowhammer backdoor checks both the NIC and WiFi adapter MACs to identify the victim for further exploitation. Kaspersky said the backdoored Live Update versions they collected featured more than 600 unique MAC addresses on which the ShadowHammer malware would launch further attacks. The ShadowHammer operation, as Kaspersky is calling it, infected hundreds of thousands of users, but the ShadowHammer malware hidden inside the Live Update tool didn't infect users with additional payloads unless their device had a specific MAC address.
The company said that only the Live Update tool used with notebooks had been backdoored, and not all instances of its app -used as a firmware update utility on millions of devices across the world.ĪSUS was unable to put a solid figure on the number of impacted users, despite having direct access to its own server logs and knowing of the hack for roughly two months. However, in its press release today, ASUS downplayed this estimate and said that just "a small number of devices have been implanted with malicious code." Initial assessments by Kaspersky Lab and Symantec estimated the number of infected users ranging between 500,000 and 1,000,000 users. The company's statement comes after tech news site Motherboard revealed yesterday that a group of nation-state hackers compromised ASUS' Live Update infrastructure and delivered a backdoored version of the ASUS Live Update tool.
#Is asus live update needed verification#
The company said ASUS Live Update v3.6.8 "introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism."ĪSUS also said it updated and strengthened its "server-to-end-user software architecture to prevent similar attacks from happening in the future." ASUS: Only notebook users were targeted How some developers are screwing up open-source softwareĪSUS Live Update version 3.6.8 contains the aforementioned fixes, the hardware vendor announced in a press release today.