ALERT! – ASUS Computers Hit By ShadowHammer Malware!

Published On March 28, 2019 | By Tom Huskerson | Alerts

ASUS computers owners need to be alert to the ShadowHammer malware hitting millions of computers. The malware is downloaded directly to the computers by the makers own servers disguised as updates.

A hacker has modified the ASUS Live Update Utility, which delivers software updates to ASUS laptops and desktops. The hacker added a back door to the utility and then distributed the malware to owners through official ASUS channels.

The malware was signed with a legitimate certificate and was hosted on the official ASUS servers used for updates and, according to reports, has been undetected for an unknown period of time. The clever hackers even made sure the file size of the malicious code stayed the same as that of the original one.

According to Kaspersky Labs estimates are that the malware was distributed to about 1 million people total. While investigating the attack Kaspersky also discovered the same techniques targeted software from three other unnamed vendors. Kaspersky has notified ASUS and other companies about the attack. Kaspersky Labs suggest ASUS computer owners update the ASUS Live Update Utility if they use it.

Even though the malware was distributed widely it is believed that the hackers are actually only targeting a limited number of computers based on the MAC address. LifeHacker.com has an article with instructions on checking if your MAC address is a target. Kaspersky also offers this website to check you MAC address.

ASUS has released a new version of its Live Update software for laptops that addresses the ShadowHammer backdoor attack. The computer maker has promised “multiple security verification mechanisms” to reduce the chances of further attacks. According to ASUS it has started using an “enhanced end-to-end encryption mechanism.” ASUS also stated it has made upgrades to the behind-the-scenes server system to prevent future attacks.

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. He attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has returned to focus on writing both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle. Most recently Tom has launched the blog African American Cyber Report. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Leave a Reply

Your email address will not be published. Required fields are marked *