Just a couple of days back, ASUS suffered a cyber attack following which the company's update system was hacked. The hackers used the system to distribute a malware to about 1 million users using ASUS computers and laptops.
Since the software update was distributed using ASUS' servers and was signed using ASUS certificate, there was no way of telling if it was a malware attack sent by hackers. Kaspersky Lab, which brought the matter to light, named the attack 'ShadowHammer', and said they would reveal more about the attack in an upcoming conference.
Unfortunately, no one could figure out what the hackers were after. But according to reports, it looks like the hackers were targeting specific ASUS customers with their MAC addresses. The update was made to install the malicious programs once one of those systems were detected.
ASUS says it has fixed the issue with a security update, which the users can now download using its Live Update software tool. So, if you've updated your ASUS computer, then you should be fine. If not, then we highly recommend you do it right away.
In addition to the security update, ASUS has also created an online security diagnostic tool to check if your system was affected. If you're still concerned to run the software as a precaution, then you find it right here.
To run the diagnostic tool, all you need to do is download the zip file and run the software after extraction. Do make a note that the tool will only work on ASUS computers, and running it on other systems will return an error message that reads, “Only for ASUS machine!”
ASUS hasn't apologized for the mishap, and instead it said they're working to prevent such attacks from happening again in the future. The press release said, “Only a very small number of specific user group were found to have been targeted. At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future.”