. home.aspx



ASUS users targeted in large supply chain attack

March 25, 2019 / Ry Crozier

Users infected via software update utility. Kaspersky Lab researchers have uncovered a large-scale attack against ASUS users in which a software update utility was modified and used to distribute malware. The researchers said investigations into the attack - dubbed Operation ShadowHammer - are “still ongoing”, though they expect to publish a detailed technical paper and present their findings at a security conference in Singapore in mid-April. Kaspersky said the attack “seems to be one of the biggest supply-chain incidents ever” and estimates a million people may have been exposed to the malware. However, only a small number of users appeared to be of any interest to the attackers. “They targeted only 600 specific MAC addresses,” the researchers said in a blog post early on Tuesday. Kaspersky researchers said they had detected the attack in January this year “thanks to a new technology in our products”. The attack was live “between ...