- How was ASUS's infrastructure compromised?
- How did the hackers manage to get hold of ASUS's digital certificates in order to sign the code to make it appear as though it really were from ASUS?
- Who was behind the attack, and why were they targeting those 600-or-so PCs?
A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group. ASUS customer service has been reaching out to affected users and providing assistance to ensure that the security risks are removed.ASUS says it has implemented a fix in the latest version (3.6.8) of its Live Update software and introduced additional security measures to prevent similar attacks in the future. In addition, the company says it has created a security diagnostic tool that users can run on their affected PCs. The tool can be downloaded directly from ASUS's website. ASUS customers are just the latest in a growing group of victims who have suffered as the result of a supply-chain attack. Perhaps most infamously, consumer goods manufacturer Reckitt Benckiser and shipping conglomerate Maersk lost $100 million and $300 million in revenue, respectively, as a result of NotPetya ransomware that spread initially via a malicious automatic update for an accounting software package.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.