- 2020 Democrats refuse to answer our questions about ‘Cats’ Friday 4:14 PM
- Belle Delphine’s Instagram account removed after mass reporting campaign Friday 4:08 PM
- Mariah Carey refuses old-age FaceApp challenge Friday 3:19 PM
- Journalists horrified by consolidation of Gatehouse, Gannett Friday 3:12 PM
- Facebook and Google could be tracking you on porn sites Friday 1:42 PM
- 7 best sites for psychic love readings Friday 1:20 PM
- Driver demonstrates why you always need to read road signs Friday 12:58 PM
- Area 51 remix video proves it’s the summer of Lil Nas X Friday 12:26 PM
- ‘ICE will come’: Convenience store clerk threatens customers speaking Spanish Friday 12:11 PM
- Rand Paul dodges questions about 9/11 Victims Fund, says ‘watch Fox News’ Friday 11:51 AM
- Report: ‘Stranger Things’ season 4 to begin shooting in October Friday 11:03 AM
- AT&T paid Michael Cohen to consult on net neutrality, FBI documents show Friday 9:10 AM
- Mysterio’s ruse changes on a second viewing of ‘Far From Home’ Friday 9:06 AM
- Twitter overturns Barrett Brown’s third permanent suspension Friday 8:49 AM
- How to live stream Liga MX Friday 7:56 AM
pgene/Deviant Art (CC-BY)
Hackers have compromised an estimated 1 million computers produced by Taiwan-based technology company Asus with a secret backdoor, Motherboard reports.
The incident, discovered by cybersecurity firm Kaspersky Lab, began last year after the attackers hacked into an Asus server for the company’s live update tool. Dubbed “ShadowHammer,” the attack prompted users to install an update that was even signed with one of Asus’ digital certificates, intended to verify that an update is actually coming from the company.
Kaspersky was able to find the backdoor in January after developing a new method for detecting supply-chain attacks.
While the backdoor is believed to have been installed on the machines of as many a million users, the attackers were only interested in 600 specific targets, although there are possibly more. Those targets were located by their MAC address, a unique identifier for the computer’s network adapter. If the malicious update scanned a victim computer and located one of those MAC addresses, secondary malware would be loaded onto the machine from a server controlled by the hackers.
“They were not trying to target as many users as possible,” Vitaly Kamluk, Asia-Pacific director of Kaspersky Lab’s Global Research and Analysis Team, told Motherboard. “They wanted to get into very specific targets and they already knew in advance their network card MAC address, which is quite interesting.”
Symantec, a U.S.-based cybersecurity firm, was also able to confirm Kaspersky’s discovery, adding that 13,000 of its own customers had been infected with the backdoor. Kaspersky says more than 57,000 of its customers have been affected as well.
Although Kaspersky says it alerted Asus to the issue in late January, the company has thus far failed to alert its customers.
Kaspersky has also released a free tool which can scan a user’s computer to determine if their MAC address was on the hacker’s target list.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.