According to a blog post from Kaspersky, about one million ASUS devices have been compromised by hackers via backdoor software.
Security experts were able to discover one of the biggest incidents of this kind thanks to the new cyber-security technology capable of detecting supply chain attacks.
Hackers compromised the devices through system updates that installed malicious backdoor code on ASUS desktops and laptops.
ASUS updates riddled with malware
It seems that the malware code also modified the ASUS Live Update Utility, which delivers BIOS, UEFI and software updates to ASUS desktops and laptops.
Hackers were able to add a backdoor to the utility to distribute malware to users through official channels.
Apparently, the backdoored utility was signed with a legitimate certificate and was hosted, with the same file size as the original, on the official ASUS server dedicated to updates. This let it stay undetected for a long period of time.
Security researchers estimated that about 57,000 users installed this malicious software. However, it has been distributed to 1 million people.
The strangest thing, though, is that the hackers weren't interested in the number of systems they hacked. Despite the effort they put in, they targeted only 600 specific MAC addresses.
On top of that, it seems that the hackers didn't stop there. Kaspersky declared that during the investigation, they discovered that the same techniques were used against software solutions from three other vendors.
The cyber-security company also let ASUS and the other vendors know about this attack.
What to do now
Kaspersky researchers advise all ASUS users to update the ASUS Live Update Utility. The company promises that its solutions will continue to detect and stop all the bad utilities out there.
If you want to learn how to protect your device from these supply-chain attacks, go into the technical details and check if your device has been targeted by this threat.