- The atonement of an alt-right troll 2 Months Ago
- #StopTheBans protests draw thousands across the country in support of abortion rights Today 9:24 AM
- North Korea is using Trump’s low IQ attack on Joe Biden Today 9:14 AM
- How to watch ‘Kidding’ for free Today 8:00 AM
- What’s the deal with Bran Stark at the end of ‘Game of Thrones’? Today 6:30 AM
- How to watch TruTV online for free Today 6:00 AM
- Fans call out Madonna for edited Eurovision video Tuesday 9:36 PM
- Partnered Twitch streamer temporarily banned for airing troll’s racist message Tuesday 8:45 PM
- Reddit theory says fans are wrong about who won ‘Game of Thrones’ Tuesday 6:52 PM
- Elon Musk hires ‘absolute unit’ sheep meme creator to be Tesla’s social media manager Tuesday 6:12 PM
- Jason Momoa stands by his Khaleesi after the ‘Game of Thrones’ finale Tuesday 4:05 PM
- Airbnb, 23andMe partner for creepy heritage travel recommendations Tuesday 3:26 PM
- Rep. Katie Porter goes viral again for trouncing Ben Carson (updated) Tuesday 3:26 PM
- This deepfake takes Bill Hader’s Schwarzenegger impression to the next level Tuesday 2:58 PM
- Wanda Sykes rails against Trump and offers much-needed perspective in ‘Not Normal’ Tuesday 2:41 PM
pgene/Deviant Art (CC-BY)
Hackers have compromised an estimated 1 million computers produced by Taiwan-based technology company Asus with a secret backdoor, Motherboard reports.
The incident, discovered by cybersecurity firm Kaspersky Lab, began last year after the attackers hacked into an Asus server for the company’s live update tool. Dubbed “ShadowHammer,” the attack prompted users to install an update that was even signed with one of Asus’ digital certificates, intended to verify that an update is actually coming from the company.
Kaspersky was able to find the backdoor in January after developing a new method for detecting supply-chain attacks.
While the backdoor is believed to have been installed on the machines of as many a million users, the attackers were only interested in 600 specific targets, although there are possibly more. Those targets were located by their MAC address, a unique identifier for the computer’s network adapter. If the malicious update scanned a victim computer and located one of those MAC addresses, secondary malware would be loaded onto the machine from a server controlled by the hackers.
“They were not trying to target as many users as possible,” Vitaly Kamluk, Asia-Pacific director of Kaspersky Lab’s Global Research and Analysis Team, told Motherboard. “They wanted to get into very specific targets and they already knew in advance their network card MAC address, which is quite interesting.”
Symantec, a U.S.-based cybersecurity firm, was also able to confirm Kaspersky’s discovery, adding that 13,000 of its own customers had been infected with the backdoor. Kaspersky says more than 57,000 of its customers have been affected as well.
Although Kaspersky says it alerted Asus to the issue in late January, the company has thus far failed to alert its customers.
Kaspersky has also released a free tool which can scan a user’s computer to determine if their MAC address was on the hacker’s target list.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.