Asus responds to major hack with no details, apology

By on
Asus responds to major hack with no details, apology

The response from Asus to a seemingly major compromise of its own PC update software lacks a specific accounting for what happened, raising further questions about the vendor's cybersecurity approach.

On Monday, cybersecurity firm Kaspersky Lab disclosed that Asus' Live Update software was compromised by hackers last year in order to deliver malware to users. The firm estimated that about 1 million users were affected by the malicious update, which was delivered between June and November of 2018. Symantec confirmed the attack on Monday.

Asus responded a day later, saying that it was deploying a fix to its Live Update software along with improved security such as added verifications and encryption. Asus blamed the attack on "Advanced Persistent Threat (APT) groups."

But the response stops short of giving specifics on what happened—such as explaining why the attacks were able to succeed.

Asus did not immediately respond to a request for comment.

Notably, the statement from Asus takes the approach of responding to "media reports" rather than to the attack itself.

The statement also indicates that only a "small number of devices" were affected, seeming to contradict Kaspersky Lab's findings.

Kaspersky Lab said it had so far uncovered more than 57,000 users with the backdoored utility. The firm has referred to the hack, which it's calling "ShadowHammer," as "one of the biggest supply-chain attacks ever."

Asus did appear to agree with Kaspersky Lab's assessment that hackers only meant to target a relatively small number of users with the attack.

In response to the "sophisticated attack," Asus has "introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism," the company said in its statement. "We have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future."

This article originally appeared at crn.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2018 The Channel Company, LLC. All rights reserved.
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

The channel is a juicy hacking target - are you improving security?
YES - recent attacks on MSPs spurred us to action
YES - we're ALWAYS improving our security stance
YES - we've noticed new forms of attack
NO - we're confident our past efforts are enough, but are always vigilant
NO - we don't see the need for change at this time
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?