Asus has been the victim of an attack. Attackers have managed, apparently, in the Server, break in and malicious software in clients downloads to infiltrate. Via the automatic Update function this Software was distributed to hundreds of thousands of computers; two percent of the victims are from Switzerland. The Criminals were able to sign the Software even digital that to draw you as a real Update.
this attack was Discovered – in the meanwhile, the martial name "Shadow Hammer" (twilight's hammer) is wearing – from the security firm Kaspersky. In a blog post he will be described in Detail. Between June and November 2018, the attack took place and was only discovered in January 2019. Kaspersky has subsequently contacted Asus to stop the attack.
According to Kaspersky two percent of the victims of the "shadow hammer" sitting in Switzerland.
Despite the large-scale attack, it had said, the hackers apparently only to a few victims. In the Code of the malicious software, security researchers have found 600 addresses of network adapters. Only if the malicious software has found a suitable address, you will become active in order to load further malware from the net. This is reminiscent of a case two years ago, where the popular Windows-Software CCleaner infected and about the automatic Update feature shipped. Here, too, it came to light that it was only 40 computers in 12 companies (see Also Hacker work from nine to five).
Computer in Chernobyl failed
In another case, the Update of an accounting was infected software, the Trojan "NotPetya". He has taken care of 2017 for a huge damage. Were affected at that time, large and small businesses, and even in the NUCLEAR ruins of Chernobyl, at the time, failed Windows Computer for the measurement of Radiation.
Kaspersky points to another danger, in the be Increase: The so-called supply-chain attacks, i.e. attacks via the supply chain: The Software is introduced at the supplier and passes through the manufacturer in the final products. This can happen on Updates, but also during the fabrication process. The USA have last year established a task force to take countermeasures. The Online magazine "Motherboard" quoted a high-ranking employee of the U.S. foreign intelligence service NSA, says that this new form of Attack came from the category of "Big Deals": As people have planned carefully. Nevertheless, it was the wood, hammer method, if thousands of people were affected, although only a few victims.
Are you affected?
where the attack and who was targeted, Kaspersky found out, or not communicating. Since the malicious software it except it has only a few computers, the vast majority of owners of the Asus PC's and Laptops will be out, even if the Software should be reached via the Update on the device. Kaspersky provides a program that verifies whether the Software is present and whether the device comprises one of the network addresses to which the attack is targeted. Download the. Exe file under kas.pr/shadow hammer. (Editorial Tamedia)
Created: 26.03.2019, 10:38 PM