Half A Million of PCs Hacked When Running Asus Software Update

According to a report from Kaspersky Lab, Asus, the hardware company from Taiwan, injected malware into about 500,000 computers by chance when these computers installed its official software update in 2018. That happened after a series of Asus’s servers became the target of cyber attacks. Until January 2019, the general public heard about the incident, which means five months went by since the release date of the software update.

At least about 500,000 computers were hacked when running the Asus software update.

Also in its report, the cybersecurity company indicated that only 600 systems were hacked and how hackers used to attack these systems was to make use of their distinctive MAC addresses to search for the targets. In other words, hackers leveraged trusted channels of vendors to have malware installed on the systems as mentioned above. According to Symantec, a security firm which is headquartered in the US, that’s exactly what took place in Asus computers with the latest software update.

In addition, the Motherboard also received the confirmation from Symantec, saying that about 13,000 customers or more had their computers hacked when installing the Asus’s hazardous software update in 2018. Until now, the company has been determining how many hacked computers there have been in reality.

Kaspersky Lab further said that the company has detected the malware in more than 57,000 computers. Hackers made use of two various digital certificates of Asus to sign the malicious file, and therefore they can attack their targets. The period of validity of the first certificate was before the middle of 2018, and it’s time for the second one was valid.