ASUS 소프트웨어 업데이트 해킹에 대해 답변

ment 3/27 '19 posted 뉴스 IT

• 이 문제는이 문제가 '매우 작은' 사용자 수에만 영향을 미친다고 강조하고 있지만이 공격의 잠재적인 범위는 큰 걱정입니다.

• 연구자들은 ASUS 업데이트 서버를 통해 악의적 인 백도어를받은 Windows 컴퓨터가 50 만대라고 추정하고 있지만 공격자는 이 시스템 중 약 600 개만 대상으로 삼고있는 것으로 보입니다.

• 카스퍼스키랩은 다음 달 전체 사건에 대한 기술 보고서를 발표할 예정입니다.

• Asus는 당신의 PC가 회사의 컴퓨터에 대한 새로 발견 된 공급망 공격의 표적이되고 있는지 여부를 판단하는 데 도움이 무료 도구를 출시했습니다.

• 또한 Asus는 악의적인 업데이트가 회사 제품에 미리 설치되어 있고 최신 드라이버 및 펌웨어로 PC를 업데이트 할 수있는 Live Update 소프트웨어를 실행하는 노트북에만 해당된다고 전했습니다.

• 악성 업데이트로 인해 컴퓨터가 백도어로 작동한 경우, Asus는 소유주가 전체 시스템을 공장 출하 상태로 초기화할 것을 권장합니다.

• 흥미롭게도, 신비한 범인은 어떻게든 피해자의 MAC 주소들을 알 수 있었는데, 이는 이전의 일련의 공격 전에 표적을 정찰한 것을 보여줍니다.

…

Operation ShadowHammer: Tens of thousands of computers had a security backdoor installed via Asus' Live Update Utility [www.notebookcheck.net]

We’ve just heard the worrying news that over a million Asus laptops could have been hacked using…

Asus responds to hacking attack [www.techradar.com]

KRISTV.com is your source for continuous news, sports and weather information for Corpus Christi,…

Researchers: ASUS computers infected by auto-update virus [kristv.com]

Security researchers say hackers infected tens of thousands of computers from the Taiwanese vendor…

Hackers Snuck Backdoors Into ASUS Software Updates, Infecting Thousands [gizmodo.com]

Researchers at cybersecurity firm Kaspersky Lab say that ASUS, one of the world’s largest computer…

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers [motherboard.vice.com]

Asus has released a free tool that can help you determine whether your PC was targeted by a newly…

How to Check if Your Asus PC Was Hit by a Malicious Update [www.pcmag.com]

The company simultaneously reiterated the narrow scope of…

ASUS releases fix for ShadowHammer malware attack [www.engadget.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

3/27 '19 answered

Hackers Snuck Backdoors Into ASUS Software Updates, Infecting Thousands https://t.co/0Kf01FSBjR
— ZyroFoxtrot??⭐️⭐️⭐️ (@ZyroFoxtrot) March 26, 2019

I am often told I am unreasonably paranoid for doing so much work to mitigate supply chain attacks and pushing RISC-V and OpenPOWER. If you can't audit your hardware/firmware you should assume you are backdoored. First SuperMicro and now ASUS. Who is next? https://t.co/VloQztXZL7
— Lance R. Vick (@lrvick) March 26, 2019

ASUS, one of world’s largest computer makers, installed backdoor on thousands of customer computers last yr after hackers compromised its software update tool. The file was signed w/ ASUS digital certificates to make it look like authentic software update. https://t.co/ni17IEN6Tq
— Kim Zetter (@KimZetter) March 25, 2019

ASUS의 소프트웨어 업데이트 서버, ASUS Live Update 서버가 해킹되었습니다.

해커가 해당 서버에 침입해 수천대의 PC에 패치를 가장한 악성 멀웨어를 심었다고 카스퍼스키 랩이 밝혔습니다.

이는 메인보드는 물론 노트북, 데스크탑, 스마트폰, IoT까지 포함된다고 합니다.https://t.co/aMkYOr9s16
— Longhorni (@longhorn573) March 26, 2019

The always excellent @KimZetter on the ASUS software update attack. https://t.co/h8EPrsPTDX
— matt blaze (@mattblaze) March 26, 2019

This is absolutely insane. Hackers broke into an update server for laptop maker ASUS. The hackers then used it to push malware that looked like a legitimate ASUS update to thousands of computers. A golden supply chain attack leveraging update mechanisms https://t.co/tcq74Df6vg pic.twitter.com/AbRMhgteiq
— Joseph Cox (@josephfcox) March 25, 2019

Asus Live Updater was used in a big supply chain attack we dubbed Operation #ShadowHammer. We estimate this may have affected over 1 million computer users between June and Nov 2018. https://t.co/jTij3NwpSs
— Costin Raiu (@craiu) March 25, 2019

Automatic updates are a good idea... until the update software (or someone up in the supply chain) gets compromised. https://t.co/uuQpfSxa0L via @motherboard
— Alejandro Hevia (@ahevia) March 25, 2019

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers https://t.co/C4UP0Ek0mM
— Sami Laiho (@samilaiho) March 26, 2019

ASUS, the multi-billion dollar company, “was pushing the backdoor to customers for at least five months last year before it was discovered” FIVE MONTHS FIVE MONTHS https://t.co/0PZXdwzyD6
— jessie frazelle ??‍? (@jessfraz) March 26, 2019

Read this if you have #ASUS machine, and then go to https://t.co/9K5rSiUwJq and verify if your computer is affected.

This is the whole new level of shit ?#hacking #itsecurity #malware #shadowhammer #ASUSLiveUpdater @kaspersky https://t.co/gk95Vnso8o
— bl4de (@_bl4de) March 25, 2019

How to check if your Asus PC was hit by a malicious update: https://t.co/1stajaupSc pic.twitter.com/hQu3JuWLOH
— PCMag (@PCMag) March 26, 2019

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers https://t.co/cW1cAefqIb
— Ronald Prins (@cryptoron) March 25, 2019

Automatic updates are security holes.

"The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems."https://t.co/M6l6nBfTy6
— Matt Odell (@matt_odell) March 26, 2019

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers https://t.co/8GJ4e1Nm4a
— Anonymous Hispano (@anonopshispano) March 26, 2019

Bravo Asus ! Une bonne raison de virer systématiquement tous les bloatware des PC portables... - Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers https://t.co/A9qPH1QOQm
— Doc TB (@d0cTB) March 25, 2019

Yet another beautiful supply chain attack. Why beautiful? It's an exploitation of a fundamental system of trust that remains implicitly trusted. A security problem for which no fundamental solutions exist poses an exciting opportunity! https://t.co/3B5C7zxJfc
— Matt Graeber (@mattifestation) March 25, 2019

If you blindly trust in digitally signed vendor software or even file reputation, think twice & open your eyes to the reality. Supply-chain attacks like #ShadowHammer make zero trust architectures & out-of-band detection more relevant & practical than ever https://t.co/GTMdD1AQaq pic.twitter.com/G7xrwyhQWT
— Ismael Valenzuela (@aboutsecurity) March 26, 2019

Holy supply chain attack batman!@kaspersky found that attackers compromised ASUS and used their live update tool to install digitally signed malware, disguised as updates. Zero trust computing is starting to make more and more practical sense.https://t.co/vJDDLpljWZ
— Jake Williams (@MalwareJake) March 25, 2019

permanent link

Open Wiki - Feel free to edit it. -

3/27 '19 answered

Proof that we as IT Admins need to stay on our toes. Hackers Snuck Backdoors Into ASUS Software Updates, Infecting Thousands<em></em> https://t.co/KZ4JNApTYg via @gizmodo
— Nick the IT Ninja (@NicktheITNinja) March 26, 2019

ASUS is believed to have pushed the #malware to hundreds of thousands of customers through its trusted automatic software update tool after #hackers compromised the company’s server and used it to push the malware to machines?https://t.co/R85J1he1Kx #CyberSecurity|#InfoSec pic.twitter.com/L1hZrgVsNr
— GTI Computers Ltd (@GTIComputersLtd) March 26, 2019

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computershttps://t.co/2voRyS2ZxL

Kaspersky - Operation ShadowHammerhttps://t.co/RqeommRn0E #BARIUM #Winnti #Asus
— Florian Roth (@cyb3rops) March 25, 2019

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers. #Cybersecurity #Cybercrime #Cyberattacks #Hackers #Hacking #Malware https://t.co/ppGpNP7kOG via @motherboard
— Aghiath chbib (@AghiathChbib) March 26, 2019

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers https://t.co/K3q6A1U9Jc
— Rickey Gevers (@UID_) March 25, 2019

ASUS, a Taiwan-based tech giant, “was used to unwittingly install a malicious backdoor on thousands of its customers’ computers last year after attackers compromised a server for the company’s live software update tool.” https://t.co/p7fQnsx7fu
— 4iQ Delve Deep (@4iQ) March 26, 2019

If you have any Asus computers, you need to read this now: https://t.co/rpE7RP4NhX
— Corey Nachreiner (@SecAdept) March 25, 2019

"“ASUS was one of the primary targets of the CCleaner attack. One of the possibilities we are taking into account is that’s how they intially got into the ASUS network and then later through persistence they managed to leverage the access” https://t.co/DSyyxvi2BF
— François Lesueur (@FLesueur) March 26, 2019

How to check if your Asus computer was hit by a malicious update: https://t.co/1stajaupSc pic.twitter.com/VFJvUHmrh9
— PCMag (@PCMag) March 27, 2019

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured