X

Cybersecurity vendor, Kaspersky Labs, has slammed ASUS for selling over one million PCs with malicious trojanized utilities – claiming it’s “one of the biggest supply chain incidents ever.”

asus 300x200 Kaspersky Slam ASUS For Major PC Security Slip

Published to the company’s blog, Kaspersky claims a million ASUS PCs received a malicious software update distributed via official channels.

The news comes over a year after Kaspersky’s own security standards were questioned, with retailers such as Harvey Norman reportedly pulling its products from shelves.

The vendor has since opened a new Swiss data centre to combat spying concerns, and testified before US Congress over its products security in late 2017.

Kaspersky claims the newly discovered ASUS vulnerability is even bigger than the infamous CCleaner debacle.

The cyber-security specialist claims the trojanized utility was signed with a legitimate certificate, and hosted on the official ASUS server dedicated to updates – undetected for a “long time.”

Kaspersky Lab   IFA 2012 1024x682 Kaspersky Slam ASUS For Major PC Security Slip

“The criminals even made sure the file size of the malicious utility stayed the same as that of the original one,” remarks Kaspersky.

“Thanks to a new technology in our products that is capable of detecting supply-chain attacks, our experts have uncovered what seems to be one of the biggest supply-chain incidents ever (remember CCleaner? This one’s bigger)”

“A threat actor modified the ASUS Live Update Utility, which delivers BIOS, UEFI, and software updates to ASUS laptops and desktops, added a back door to the utility, and then distributed it to users through official channels.”

The company claims over 57,000 users of Kaspersky Labs products have installed the backdoored utility, however, is estimated to have been distributed to around 1 million people.

After investigating the attack, Kaspersky claims the same technique has been used against software from thee other vendors, with ASUS and the other companies now informed.

“As of now, all Kaspersky Lab solutions detect and block the trojanized utilities, but we still suggest that you update the ASUS Live Update Utility if you use it. Our investigation is still ongoing.”

Eugene Kaspersky 1024x576 Kaspersky Slam ASUS For Major PC Security Slip

4SQR Logi MX keys Mini 728x90 1 Kaspersky Slam ASUS For Major PC Security Slip
G415 SmartHouse 728x90 v2 Kaspersky Slam ASUS For Major PC Security Slip
ARL0546 Arlo Go 2 Banner 728x90px 72dpi V2 Camping Kaspersky Slam ASUS For Major PC Security Slip
Litheaudio 0222 728x90 1 Kaspersky Slam ASUS For Major PC Security Slip
728x90 Kaspersky Slam ASUS For Major PC Security Slip
BlueAnt PumpAirLite WebBanners 728x90 Kaspersky Slam ASUS For Major PC Security Slip
728x90 4 Kaspersky Slam ASUS For Major PC Security Slip
CUST Retention FY22 Sport WinterCodes Q3 NRL 728x90 Kaspersky Slam ASUS For Major PC Security Slip
Leaderboard 728x90 Kaspersky Slam ASUS For Major PC Security Slip
Suunto 728X90 Kaspersky Slam ASUS For Major PC Security Slip

YOU MAY ALSO LIKE