Go Back   IceInSpace > Equipment > Software and Computers

Reply
 
Thread Tools Rate Thread
  #1  
Old 06-05-2019, 01:28 PM
gary
Registered User

gary is offline
 
Join Date: Apr 2005
Location: Mt. Kuring-Gai
Posts: 5,914
Post Operation ShadowHammer malware was covertly inserted into ASUS's Live Update utility

A 1 May 2019 article at the Institute of Electrical and Electronics Engineers
(IEEE) Spectrum magazine web
site reports on work by researchers
at Kaspersky Labs in reverse engineering a sophisticated piece of
malware with the moniker "Operation ShadowHammer" that leveraged
the ASUS Live Update Utility.

ASUS Live Update is a utility that is pre-installed on most ASUS computers
and is used to automatically update certain components such as BIOS
UEFI, drivers and applications.

The attackers managed to insert their malware into the ASUS LIve Update
utility and as part of an elaborate number of measures to help cover their
tracks, signed it with one of ASUS's own digital certificates.

The malware is designed to target machines with specific pools of MAC
addresses.

A large number of machines have received the trojan.

There are clues that the malware may have originated in China.

Story here :-
https://spectrum.ieee.org/tech-talk/...tware-pipeline

Detailed Kapersky Labs forensic report here :-
https://securelist.com/operation-sha...-attack/90380/

Last edited by gary; 08-05-2019 at 10:44 AM. Reason: Kapersky Labs URL revised
Reply With Quote
  #2  
Old 07-05-2019, 01:35 PM
Dennis
Dazzled by the Cosmos.

Dennis is offline
 
Join Date: May 2005
Location: Brisbane
Posts: 11,704
A sobering read Gary. Back to pen, ink, paper and postage stamps for me...

Oh wait, I might still use the Telex Machine.

Cheers

Dennis
Reply With Quote
Reply

Bookmarks

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time is now 09:45 PM.

Powered by vBulletin Version 3.8.7 | Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Advertisement
Bintel
Advertisement
Testar
Advertisement