Live Update is a piece of utility that is pre-installed on many ASUS PCs out there which helps customers receive system updates for their machine easily. However, Kaspersky Lab recently has revealed that the server used to deliver the update has been hacked between June and November last year.
Subsequently, the hackers have then injected a backdoor into the ASUS Live Update utility. Nicknamed as ShadowHammer, Kaspersky stated that the hacker somehow has a specific list of targets involving 600 systems in which the malware can identify using their MAC addresses. If the MAC addresses of the affected system matched the list, the malware will then download another set of infection into the system.
According to its internal statistics, Kaspersky stated that the compromised utility has been downloaded and installed by more than 57,000 of its users. At least another 13,000 Symantec customers have also been affected by the same malware although Kaspersky believed that the actual infection has a much bigger footprint and could possibly affecting more than one million users globally.
Kaspersky has apparently made effort to inform ASUS regarding the malware attack but the response from the company appeared to be rather lackluster. That being said, the Taiwanese company has promised to provide an official statement to The Verge today.
For the meantime, do compare the MAC address of your ASUS PC on this website by Kaspersky to see whether your ASUS machine has been infected by the malware or otherwise.
(Source: Kaspersky – 1, 2, 3 via Motherboard // The Verge. Additional image: ASUS.)
