- Fortnite streamer Tfue sues gaming organization FaZe Clan over contract dispute Today 12:28 AM
- Report finds some users can’t opt out of Facebook’s face recognition Monday 7:27 PM
- Get emotional over this real-life pastor baptizing an anime girl in virtual reality Monday 6:53 PM
- Twitter wants to know what Jack in the Box did to offend Kim Kardashian Monday 6:38 PM
- ‘Game of Thrones’ meme claims King’s Landing is an ‘inside job’ Monday 6:06 PM
- Report: Personal data of 49 million Instagram influencers exposed online Monday 4:57 PM
- ‘Stranger Things’ season 3 trailer teases a wet, hot American summer Monday 4:02 PM
- What Daenerys’ biggest ‘Game of Thrones’ scenes have in common with Nazi propaganda Monday 3:12 PM
- Here’s what’s coming to Amazon Prime in June Monday 2:11 PM
- Where did Jon Snow go? Unpacking the ‘Game of Thrones’ ending Monday 2:04 PM
- So, did anyone actually win ‘Game of Thrones’? Monday 1:29 PM
- The surprising religious subtext of ‘John Wick: Chapter 3’ Monday 12:53 PM
- Robin Arryn got hot—and the internet is seriously shook Monday 12:40 PM
- Tana Mongeau is going to VidCon a year after TanaCon disaster Monday 12:12 PM
- What have 2020 Democrats said about Alabama’s abortion ban? Monday 11:36 AM
pgene/Deviant Art (CC-BY)
Hackers have compromised an estimated 1 million computers produced by Taiwan-based technology company Asus with a secret backdoor, Motherboard reports.
The incident, discovered by cybersecurity firm Kaspersky Lab, began last year after the attackers hacked into an Asus server for the company’s live update tool. Dubbed “ShadowHammer,” the attack prompted users to install an update that was even signed with one of Asus’ digital certificates, intended to verify that an update is actually coming from the company.
Kaspersky was able to find the backdoor in January after developing a new method for detecting supply-chain attacks.
While the backdoor is believed to have been installed on the machines of as many a million users, the attackers were only interested in 600 specific targets, although there are possibly more. Those targets were located by their MAC address, a unique identifier for the computer’s network adapter. If the malicious update scanned a victim computer and located one of those MAC addresses, secondary malware would be loaded onto the machine from a server controlled by the hackers.
“They were not trying to target as many users as possible,” Vitaly Kamluk, Asia-Pacific director of Kaspersky Lab’s Global Research and Analysis Team, told Motherboard. “They wanted to get into very specific targets and they already knew in advance their network card MAC address, which is quite interesting.”
Symantec, a U.S.-based cybersecurity firm, was also able to confirm Kaspersky’s discovery, adding that 13,000 of its own customers had been infected with the backdoor. Kaspersky says more than 57,000 of its customers have been affected as well.
Although Kaspersky says it alerted Asus to the issue in late January, the company has thus far failed to alert its customers.
Kaspersky has also released a free tool which can scan a user’s computer to determine if their MAC address was on the hacker’s target list.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.