ASUS acknowledges computers infected by auto-update virus

Combined Shape

BOSTON (AP) — The Taiwanese computer company ASUS is acknowledging that suspected nation-state hackers planted malware on its online automatic update service in a sophisticated and targeted espionage operation.

Security researchers at Kaspersky Lab disclosed Monday that hackers infected tens of thousands of ASUS computers last year in the scheme. Kaspersky said it detected 57,000 infections among customers of its antivirus software. It estimated the exploit likely affected more than 1 million computers.

The malware was designed to open a “backdoor” for intruders in infected machines.

ASUS said in a prepared statement that the malware infected a small number of devices in an attempt to target a very small, specific user group. It did not specify how many or who.

The world’s No. 5 computer company said it fixed the compromised updating software, which automatically sends drivers and firmware to ASUS laptops when authorized by users.

Trending:
CDC Quietly Changes Major Part of 'How COVID-19 Spreads' Page, Adds Advice That Millions Didn't Get When Trump Was in Office

ASUS did not respond to emailed questions. Nor did it acknowledge that Kaspersky notified it of the so-called supply-chain attack, which was first reported by the online news site Motherboard. Cybersecurity experts say such attacks are likely far more common than is known.

About 50 percent of the affected Kaspersky anti-virus software customers were in Russia, Germany and France, the company said. The U.S. accounted for less than 5 percent.

A Symantec spokeswoman said about 13,000 of its antivirus customers received the malicious updates.

The infected software was on ASUS’s Live Update servers from June to November and was signed with legitimate certificates, according to Kaspersky. It did not detect the malware until January, when new capabilities were added to its anti-virus software, the company said.

Kaspersky said its researchers determined that the malware was programmed for surgical espionage when they saw that it was designed to accept a second malware payload for specific computers based on unique identifiers of their network connections. It identified more than 600 computers programmed to receive the payload.

In a blog post and answers to emailed questions, the company said the nature of the second malware payload was unknown because the server that delivered it was no longer active.

Kaspersky said that while is too early to know who was behind the operation, it is consistent with a 2017 incident blamed by Microsoft on a Chinese state-backed group the company calls BARIUM.

ASUS did not address which state-backed hacking group may have been responsible but noted that their targets are not average consumers.

The Western Journal has not reviewed this Associated Press story prior to publication. Therefore, it may contain editorial bias or may in some other way not meet our normal editorial standards. It is provided to our readers as a service from The Western Journal.

Truth and Accuracy

Submit a Correction →






We are committed to truth and accuracy in all of our journalism. Read our editorial standards.

Tags:
Combined Shape
The Associated Press is an independent, not-for-profit news cooperative headquartered in New York City. Their teams in over 100 countries tell the world’s stories, from breaking news to investigative reporting. They provide content and services to help engage audiences worldwide, working with companies of all types, from broadcasters to brands.
The Associated Press was the first private sector organization in the U.S. to operate on a national scale. Over the past 170 years, they have been first to inform the world of many of history's most important moments, from the assassination of Abraham Lincoln and the bombing of Pearl Harbor to the fall of the Shah of Iran and the death of Pope John Paul.

Today, they operate in 263 locations in more than 100 countries relaying breaking news, covering war and conflict and producing enterprise reports that tell the world's stories.
Location
New York City




Conversation