March 26, we learned about the attackers using ASUS Software Updates to hide the shadow hammer backdoor malware into the software update. The software updates were sent to millions of computers and infected nearly 10 per cent of them. But now, the company has sorted out the issue and released a clean software update, which is meant for all of the computers that received the infected update. Everyone was shocked when the attackers hijacked the Automated software update system and injected the Shadow Hammer backdoor to the scheduled software updates. More disastrous was the delivery of the infected software updates to all of the ASUS hardware users worldwide.
The attackers used the supply-chain attack method, which uses third-party service to distribute the malware. Being used ASUS’s software update distribution network, all of the computers that installed the update got infected. But now the company has fixed the issue and released a new software update that has no infected backdoor. Also, ASUS has included a second security parameter, which is a tool that allows you to check for Backdoors on your computer. In an official Press Release, ASUS recommended the users to run the tool and scan their computers.
In the press statement, ASUS informed the customers about the attack and the release of a new software update and the scanning tool. The company did not apologise to the customers and said that the issue with software updates only affected a bunch of computers and it was not widespread. The company announced that they are going to implement multiple security parameter checking before sending out software updates, to prevent such mishap which could affect millions of users at once. Also, ASUS said they’d upgraded the server-to-user system for delivering the software updates automatically to prevent such infiltration attacks.