ASUS Live Update compromised by attackers

By | March 28, 2019
Print Friendly, PDF & Email

ASUS Live Update compromised by attackers

If you have an ASUS computer, this is for you.

ASUS Live Update was compromised by attackers and loaded with a malicious update – a backdoor Trojan known as Operation ShadowHammer. As of right now, it’s estimated that around a half-million Windows (ASUS) computers have had the malicious backdoor installed on their computers via compromised ASUS updates. This fake ASUS update server was operated by attackers. ASUS denied that its server was compromised, however, the malware samples trail leads right back to the Asus server, according to vice.com.

Apparently, ASUS is no longer denying the attack as they are distributing a small program to help ASUS users check to see if their computers have been compromised.

If you have an ASUS computer running any version of Windows, you can download a small program from ASUS to check your computer to see if it has been compromised.  You can download the tool from here. Once you download it, unzip it and double-click on the exe file to run it. 

Cloudeight InfoAve

Cloudeight InfoAve

Since this backdoor was sent to ASUS computer users via a trusted channel (ASUS Live Update), it may have been able to bypass most security software.

3 thoughts on “ASUS Live Update compromised by attackers

  1. Nigel Lemon

    when i click on it and it has downloaded, crafty file viewer comes up and just gives me gibberish can I get rid of cfv or is there another way to unzip
    Thank you

    Reply
    1. infoave Post author

      The file is a standard zip file. If you can’t open zip files, then you have something misconfigured. What is “crafty file viewer”. You need to set your computer’s defaults back to normal or else install a zip program like 7-Zip. The problem isn’t with the zip file you downloaded, it’s with your computer configuration.

      Reply
  2. Nigel Lemon

    Hi thank you for your reply. I have no idea what crafty file viewer is. I did not knowingly download it.
    I have now deleted it and have had no trouble with the download . My PC is clear
    Thank you
    Nigeln

    Reply

Leave a Reply to infoave Cancel reply

Your email address will not be published. Required fields are marked *