ASUS Patches Live Update Bug That Allowed APT to Infect Thousands of PCs

March 27, 2019

ASUS has expedited a patch for a major bug impacting thousands of PCs that allowed an advanced persistent threat group to launch a supply-chain attack dubbed “Operation ShadowHammer.” The vulnerability targeted a range of new ASUS PCs with a backdoor injection technique tied to the PC-maker’s faulty software update mechanism. The flaw was used to infect thousands of PC and was found by researchers at Kaspersky Lab and revealed Monday.

The attack targeted users of the ASUS Live Update Utility. The China-backed BARIUM APT is suspected to have deployed the backdoor code, which would give it access to impacted systems, according to researchers.

Read More on Threat Post