It was reported yesterday that hackers had managed to infiltrate countless ASUS systems by distributing a backdoored software update tool from the company’s own servers. The hackers digitally signed the ASUS Live Update Tool with one of the company’s own code-signing certificates before sending it to ASUS’ download servers, where the backdoored tool was hosted for several months in 2018. The company today confirmed that it has rolled out a fix for the malware attack.
Hackers used the backdoor in the software update tool to send malware to users’ computers through a command-and-control server. It’s believed that the hackers were able to get access to the company’s own code-signing certificates through the supply chain.
ASUS said today that it has released an update to thwart this malware attack, which security researchers estimate targeted more than a million ASUS users. The company said that only “a small number of devices” had been implanted with malware through this attack.
The company has also said that it’s putting in place “multiple security verification mechanisms” to ensure that something like this does not happen in the future. It has also started using an “enhanced end-to-end encryption mechanism” for this purpose and has made behind-the-scenes server system improvements to thwart similar attacks in the future. One has to wonder why ASUS never did all of this in the first place.