X

Cybersecurity vendor, Kaspersky Labs, has slammed ASUS for selling over one million PCs with malicious trojanized utilities – claiming it’s “one of the biggest supply chain incidents ever.”

asus 300x200 Kaspersky Slam ASUS For Major PC Security Slip

Published to the company’s blog, Kaspersky claims a million ASUS PCs received a malicious software update distributed via official channels.

The news comes over a year after Kaspersky’s own security standards were questioned, with retailers such as Harvey Norman reportedly pulling its products from shelves.

The vendor has since opened a new Swiss data centre to combat spying concerns, and testified before US Congress over its products security in late 2017.

Kaspersky claims the newly discovered ASUS vulnerability is even bigger than the infamous CCleaner debacle.

The cyber-security specialist claims the trojanized utility was signed with a legitimate certificate, and hosted on the official ASUS server dedicated to updates – undetected for a “long time.”

Kaspersky Lab   IFA 2012 1024x682 Kaspersky Slam ASUS For Major PC Security Slip

“The criminals even made sure the file size of the malicious utility stayed the same as that of the original one,” remarks Kaspersky.

“Thanks to a new technology in our products that is capable of detecting supply-chain attacks, our experts have uncovered what seems to be one of the biggest supply-chain incidents ever (remember CCleaner? This one’s bigger)”

“A threat actor modified the ASUS Live Update Utility, which delivers BIOS, UEFI, and software updates to ASUS laptops and desktops, added a back door to the utility, and then distributed it to users through official channels.”

The company claims over 57,000 users of Kaspersky Labs products have installed the backdoored utility, however, is estimated to have been distributed to around 1 million people.

After investigating the attack, Kaspersky claims the same technique has been used against software from thee other vendors, with ASUS and the other companies now informed.

“As of now, all Kaspersky Lab solutions detect and block the trojanized utilities, but we still suggest that you update the ASUS Live Update Utility if you use it. Our investigation is still ongoing.”

Eugene Kaspersky 1024x576 Kaspersky Slam ASUS For Major PC Security Slip

Wave 728x90px Kaspersky Slam ASUS For Major PC Security Slip
BW Trade In 728x90 1 Kaspersky Slam ASUS For Major PC Security Slip
Flick of a switch 728x90 1 Kaspersky Slam ASUS For Major PC Security Slip
2231 NEXUS 4SQM Digital Banner Ads Leaderboard 728x90 Kaspersky Slam ASUS For Major PC Security Slip
SmartHouse Yoga Slim Carbon 728 x 90 Kaspersky Slam ASUS For Major PC Security Slip
LG HE FN Series Banners 4SQM LB 728x90 Kaspersky Slam ASUS For Major PC Security Slip
Olimpia Splendid Unico Cooling 728x90 Kaspersky Slam ASUS For Major PC Security Slip
728x90 Kaspersky Slam ASUS For Major PC Security Slip
Incase LeaderBoard 728x90 Kaspersky Slam ASUS For Major PC Security Slip
728x90 7 Kaspersky Slam ASUS For Major PC Security Slip

YOU MAY ALSO LIKE