ASUS laptop users must have recently received an ASUS Live Update which they had to update. Some users may not have received it, whereas some may not have updated despite receiving the update. Those are definitely the lucky ones this time, because the ASUS Live Update was attacked by a Malware, and the integrity of the software of the device were compromised. The malicious software updates were installed backdoors on the ASUS machines. This fault was first recognized by Kaspersky. According to Kaspersky, ASUS had unintentionally installed backdoors on the machines. The attack has been identified as a chain of attacks and it also leveraged the ASUS Live Update. The attack has been named as ShadowHammer and the operation to recognize the attack was called Operation ShadowHammer.
The main weapon of the virus was to exploit the MAC addresses of the machines. The malware tracks the MAC Addresses of the ASUS computers, and locked on the target devices and reached to a command and control server. The server installed the malware camouflaged in the form of ASUS Live Updates on ASUS laptops and devices.
Vitay Kamluk, Asia-Pacific director of Kaspersky, said, “This attack shows that the trust model we are using based on known vendor names and validation of digital signatures cannot guarantee that you are safe from malware.”
You can also learn if your ASUS device has also been attacked:
Steps To Check Your ASUS device for Asus Update Malware or ShadowHammer Cyberattack
1.Open the Cortana search bar and type Command Prompt. In the right panel, click on Run as Administrator. This will open the Elevated Command Prompt. This step is for Windows 10 users.
2. So, once you open the Command Prompt, type the following command:
getmac /v /fo list
3. You will get the MAC address or physical address corresponding to your connection. Note it down.
4. Next, visit the Kaspersky ShadowHammer checking page. Here, you will find a field to enter your MAC address. Type the MAC Address and click on Check Now.
5. You will get your result.