Tuesday 2 April 2019, Poradnik bezpieczeństwa

ShadowHammer trojan – ASUS Live Update Utility

Lost24

Kaspersky Lab has revealed a hacking campaign utilizing ShadowHammer trojan, which targets users of Asus’ Live Update Utility.


Over 1 million users worldwide have possibly encountered the threat.


The campaign was based on the so-called supply chain attacks, in which cybercriminals used Taiwanese manufacturer’s servers to distribute the trojan.


ASUS Live Update Utility is a pre-installed software for most of the newest ASUS PCs that is used to automatically update the BIOS, UEFI, drivers and applications.


The campaign was mostly overlooked by the vast majority of security measures, as the tools containing the trojan were signed with authentic certificates and were distributed from official ASUS update servers.


According to ASUS its customer service is in touch with the affected users and provides them with help in removing the threat. In addition, the company has introduced updates to the latest version of the Live Update Utility in order to further protect users from threats. Finally, ASUS has also introduced an online security diagnostic tool to verify the systems affected by the vulnerability.