Millions of ASUS Systems Hacked
This week, Kaspersky labs revealed that criminals hacked millions of ASUS systems, for reasons still not known. Hackers broke into the ASUS Live Update tool to infect the systems under everyone’s noses.
What is Live Update, and what happened?
The Live Update tool from ASUS comes preinstalled on most of their systems. So if you own an ASUS laptop or PC, chances are you have the tool. In general it is very useful, keeping ASUS software and drivers up to date, and thus also keeping your system secure. But that also made it a great target for hackers.
Since the tool is so common on ASUS systems, breaking into it allowed the hackers into millions of computers. The attack compromised just about every ASUS system with Live Update. And on each of these systems, the crooks downloaded a special malware.
What does the Malware Do?
This is where things get especially interesting. The criminals targeted specific systems, at least 600, but not every system. The malware checks to see if it is installed on one of these systems. If it is, the malware downloads a bigger payload, but if not, it tries to hide itself.
It seems like they wrote the code to hide on systems, possibly for use later. This means that though the malware won’t affect everyone right away, it may in the future. Removing it should be a high priority for any ASUS user.
How do I know if they hacked my system?
Because the code is so stealthy, most users will not notice any difference on their systems. Unless you are one of the few that had malware directly installed, you might think your computer is perfectly fine. But as we mentioned before, the hackers may have future plans for the other infected systems
Thankfully ASUS put out a tool on Tuesday that checks for the bad code. This checks to see if your systems are among the millions of hacked ASUS systems, even if it didn’t install more malware. So running it is an important first step, but there’s more that you can do.
ASUS also released a newer version of the Live Update tool, which you should download directly from them. The new version, v3.6.8, runs with more secure communication so that the hackers cannot modify it. If you plan to continue using Live Update, make sure to download this very soon.
What else can I do?
Making sure you have proper security on your networks is key. Properly configured firewalls can often prevent malware from ever making it to the systems. And many modern endpoint security programs recognize malicious behaviors on systems to put an end to malware fast.
Elements like these are key to any network’s defense, but many people overlook even basic steps like these. Don’t be a victim— contact Haider Consulting today to see how we can defend your systems with the proper, custom-fit security for your unique needs!