Hackers Install Backdoors on Thousands of Computers

Researchers at cybersecurity firm Kaspersky Lab claim that ASUS, one of the world's largest computer manufacturers, was used to unintentionally installing a malicious backdoor on thousands of client computers after the attack. a server for the live software update tool of the company in danger of extinction. The malicious file has been signed with legitimate digital certificates from ASUS to appear as a genuine software update of the company, says Kaspersky Lab.

The malware searched the target systems using their unique MAC addresses. If the malicious software resides on a system that has found one of these targets, it attacks a command and control server controlled by an attacker, which then installs it on those computers.

Kaspersky Lab said it discovered the attack in January after adding a new supply chain discovery technology to its scanning tool to capture abnormal code snippets hidden in a legal code or intercept code that interrupts the normal operation of a server.

The problem highlights the growing threat of so-called supply chain attacks, in which software or malicious components are installed on manufactured or assembled systems, or later through trusted provider channels. While the supply chain approach is primarily the possibility of adding malicious implants to hardware or software during manufacturing, vendor software updates are an ideal way to provide malware to hackers. after its sale to the systems, the clients trust in the updates of the suppliers.