Shadowhammer, a virus infects asus pcs through 'asus live update'
Table of contents:
Possibly as many as a million people have downloaded and installed a version of the Asus Live Update utility, which was infected by a backdoor called ShadowHammer hosted on the official Asus servers.
ShadowHammer infects computers through Asus Live Update
The backdoor was discovered by Kaspersky, who has been called ShadowHammer, and was actually an attack targeting a small number of users. Kaspersky said the ShadowHammer attack had been detected worldwide, most commonly in Russia and Germany, with about 5% of victims in the United States.
From a security standpoint, the most disturbing aspect of the malware is that it was digitally signed with legitimate security certificates, a seal of authenticity that would make it indistinguishable from an actual update. They were even hosted on Asus servers. The Live Update software can be downloaded from the Asus website, and it also comes preloaded on branded PCs.
Asus Live Update software is designed to check for new versions of programs published on the Asus website, and then automatically update the BIOS, drivers, and applications on a PC. If ShadowHammer allowed the PC to download malicious BIOS software from somewhere else, that software could basically take over the entire PC.
Kaspersky did not specifically say whether its software would block the attack, but the company said it had designed a tool to determine if its PC was one of the target machines, about 600 addresses in total.
At the time of writing these lines, the company has not commented on it.
Bleepingcomputer fontNew virus circulates through google play and affects 2 million users
New virus circulates through Google Play and affects 2 million users. FalseGuide is a malware detected in the Google Play store. Read more.
A virus is spreading through a video on facebook
A virus is spreading through a video on Facebook. Find out more about this virus that is spreading on Facebook.
Detected a Trojan that infects your pc due to a vulnerability in powerpoint
Detected a Trojan that infects your PC due to a vulnerability in PowerPoint. Find out more about this Trojan that affects this vulnerability.