Potentially more than one million ASUS devices have been compromised by a supply chain attack dubbed Operation ShadowHammer, discovered by Kasperky Lab researchers and announced on Monday.
A cybercriminal campaign focused on targeting the supply chain through the exploitation of ASUS Live Update software may have involved the installation of backdoors on over one million PCs.
On Monday, researchers from Kaspersky Lab said the attack was first detected in January 2019. It is believed that the campaign, dubbed Operation ShadowHammer, took place between June and November 2018 and has potentially compromised countless users—despite there being only a small list of individuals the hackers wished to target.
Operation ShadowHammer leverages the ASUS Live Update Utility, which comes pre-installed on the majority of ASUS computers.
ASUS Live Update is intended for ensuring computer systems, such as drivers, apps, BIOS, and UEFI all receive upgrades and patches when they are due, but it is this valuable utility that cyberattackers have managed to compromise.