- Gendry is making a new weapon for Arya Stark—but what is it? 4 Weeks Ago
- The live-action Halo series could be Showtime’s most ambitious project yet 4 Weeks Ago
- How to watch Turner Classic Movies for free Today 5:30 AM
- How to watch Real Madrid vs. Athletic Bilbao online for free Today 5:00 AM
- ‘Star Trek’s Jonathan Frakes calls out your lies with this new meme Saturday 3:46 PM
- #JusticeForLucca trends after video shows police slam Black teen’s head into pavement Saturday 3:11 PM
- The internet is shocked to learn that Goombas do, in fact, have arms Saturday 2:02 PM
- PayPal, GoFundMe cut off armed militia that detains migrants at border Saturday 1:16 PM
- Barnwood theft may be on the rise because of ‘Fixer Upper’—and fans aren’t having it Saturday 12:23 PM
- Literary Twitter calls out Dzanc Books for Islamophobic, racist novel Saturday 11:40 AM
- How to watch Crawford vs. Khan online Saturday 10:00 AM
- Beyoncé has 2 more projects coming to Netflix after ‘Homecoming’ Saturday 9:53 AM
- How to watch Danny Garcia vs. Adrian Granados for free Saturday 9:00 AM
- The ‘Feeling Cute Challenge’ turns ugly after correctional officers abuse it Saturday 7:30 AM
- How to watch ‘How High 2’ for free Saturday 7:00 AM
pgene/Deviant Art (CC-BY)
Hackers have compromised an estimated 1 million computers produced by Taiwan-based technology company Asus with a secret backdoor, Motherboard reports.
The incident, discovered by cybersecurity firm Kaspersky Lab, began last year after the attackers hacked into an Asus server for the company’s live update tool. Dubbed “ShadowHammer,” the attack prompted users to install an update that was even signed with one of Asus’ digital certificates, intended to verify that an update is actually coming from the company.
Kaspersky was able to find the backdoor in January after developing a new method for detecting supply-chain attacks.
While the backdoor is believed to have been installed on the machines of as many a million users, the attackers were only interested in 600 specific targets, although there are possibly more. Those targets were located by their MAC address, a unique identifier for the computer’s network adapter. If the malicious update scanned a victim computer and located one of those MAC addresses, secondary malware would be loaded onto the machine from a server controlled by the hackers.
“They were not trying to target as many users as possible,” Vitaly Kamluk, Asia-Pacific director of Kaspersky Lab’s Global Research and Analysis Team, told Motherboard. “They wanted to get into very specific targets and they already knew in advance their network card MAC address, which is quite interesting.”
Symantec, a U.S.-based cybersecurity firm, was also able to confirm Kaspersky’s discovery, adding that 13,000 of its own customers had been infected with the backdoor. Kaspersky says more than 57,000 of its customers have been affected as well.
Although Kaspersky says it alerted Asus to the issue in late January, the company has thus far failed to alert its customers.
Kaspersky has also released a free tool which can scan a user’s computer to determine if their MAC address was on the hacker’s target list.
Mikael Thalen is a freelance journalist based in Seattle, covering all things technology, including social media, data breaches, hackers, and more.