On Monday, we saw once again how criminals can exploit trust and use it as a weakness.
Kaspersky Lab reported that one of the world’s largest computer manufacturers, Taiwan-based ASUS, had mistakenly installed a backdoor program dubbed “ShadowHammer” onto the computers of thousands of customers after hackers infiltrated the company’s automated software update system.
Experts offering initial estimates suggest the trojanized update may have affected up to half a million Windows machines. Kaspersky reported 57,000 users of ASUS’s product were attacked, “but we estimate it was distributed to about 1 million people total.” Symantec telemetry showed 13,000 infections (80 percent of which were consumers, not organizations). The full scope of the attack has yet to be established.
The attacker’s motive remains unclear, but Kaspersky noted that 600 MAC addresses were specifically targeted, even though the malicious update affected far more.
Gizmodo has reached out ASUS for a comment and we’ll update as soon one is provided. Motherboard, which broke the news, said it first reached out to ASUS on Thursday but had yet to get a response.