ASUS patches the Live Update software exploited in ‘Operation ShadowHammer’ campaign
- ASUS has come up with a security update to patch the Live Update software. The fix is implemented in the latest ASUS Live Update version 3.6.8.
- ASUS stated that only a small number of specific user group were targeted in the ‘Operation ShadowHammer’ attack.
What is the issue - Researchers from Kaspersky observed a campaign dubbed ‘Operation ShadowHammer’ that targets the supply chain by exploiting the backdoored version of ASUS Live Update Software.
What was the immediate action taken - Now, ASUS has come up with a security update to patch the Live Update software. The fix is implemented in the latest ASUS Live Update version 3.6.8.
- ASUS has introduced multiple security verification mechanisms to avoid any malicious manipulation in the form of software updates.
- ASUS has also updated its end-to-end encryption mechanism.
- The company has further enhanced its server-to-end-user software architecture to prevent future attacks.
- The company is also contacting the potentially affected users and providing assistance to ensure that the security risks are removed.
- ASUS has also developed an online security diagnostic tool to check for infected systems.
- It has requested affected users to run a backup of all files and restore their operating system to factory setting.
Worth noting
- ASUS stated that only a small number of specific user group were targeted in the ‘Operation ShadowHammer’ attack.
- The company noted that only the version of Live Update used for notebooks has been affected.
“A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group,” ASUS stated.
This is a contrast to Kaspersky and Symantec's estimations. Kaspersky noted that the ‘Operation ShadowHammer’ campaign has impacted over 1 million users who have downloaded the backdoored ASUS Live Update Sofware on their systems.