![asus live update spyware asus live update spyware](https://www.2-spyware.com/news/wp-content/uploads/virusai/malicious-moderate-ml-score-malware-virus_en.jpg)
- #ASUS LIVE UPDATE SPYWARE INSTALL#
- #ASUS LIVE UPDATE SPYWARE PATCH#
- #ASUS LIVE UPDATE SPYWARE SOFTWARE#
The infected software was on ASUS's Live Update servers from June to November and was signed with legitimate certificates, according to Kaspersky.
![asus live update spyware asus live update spyware](https://news-cdn.softpedia.com/images/fitted/620x348/asus-delivers-bios-and-uefi-updates-over-http-with-no-verification.jpg)
![asus live update spyware asus live update spyware](https://img.mywindowshub.com/images9/asus-2.jpg)
It estimated the exploit likely affected more than 1 million computers. Kaspersky said it detected 57,000 infections among customers of its antivirus software. Security researchers at Kaspersky Lab disclosed Monday that hackers infected tens of thousands of ASUS computers last year in the scheme. (AP Photo/Jenny Kane)īOSTON - The Taiwanese computer company ASUS is acknowledging that suspected nation-state hackers planted malware on its online automatic update service in a sophisticated and targeted espionage operation.
#ASUS LIVE UPDATE SPYWARE INSTALL#
5 computer company, though it was designed to surgically install a backdoor in a much smaller number of PCs. Kaspersky Labs said Monday, March 25, that the exploit likely affected more than 1 million computers from the world’s No. Security researchers say hackers infected tens of thousands of computers from the Taiwanese vendor ASUS with malicious software for months last year through the company’s online automatic update service. However, chances are that Asus may not be the only laptop maker with a PC utility that has been infected, at least temporarily and without getting caught by various sophisticated hacking groups.This Feb 23, 2019, photo shows the inside of a computer with the ASUS logo in Jersey City, N.J. The antivirus companies found Asus' update software to be vulnerable only for a limited period of time, but this may have been a strategy by the hacking group to minimize its exposure. In this case, not only did Asus ignore this issue for the past three years despite being warned about it by security researchers, but the company seemingly ignored it once again when existing attacks and not just theoretical ones, were showed to it by Kaspersky.ĭue to what seems to be mainly Kaspersky’s insistence on revealing the APT group’s attack to the public and fear of the press’ reaction, Asus was finally dragged kicking and screaming into updating its software with the proper modern security features that it should have used since at least 2016, after the aforementioned report came out. The chief of NSA’s TAO group also said in the past that exploiting OEMs’ software for notebooks is one of the easiest ways to hack a computer, because of how vulnerable these software tools tend to be and how little care laptop vendors tend to have for security in general. Asus, one of the worst offenders among the vulnerable laptop makers, was guilty of not even using HTTPS encryption or signing or validating their software updates.Īt the time, the researchers that revealed this also found other critical vulnerabilities in these companies’ update tools that would have made it easy even for non-technical malicious hackers to infect targeted machines. Has Asus Learned Its Lesson?īack in 2016, a report came out that revealed how the top 5 notebook makers, including Asus, were ignoring security best practices for their devices that would have prevented this type of attack.
#ASUS LIVE UPDATE SPYWARE PATCH#
Now, Asus has released a patch for its software, as well as a diagnostic tool for Asus notebook customers that want to verify whether or not their Live Update software was infected with malware. Kaspersky told Asus of the attack in January and published the story yesterday on Seclist and its blog.