Half a million computers hacked via server at Taiwan's ASUS: report

ASUS denies Kaspersky Lab allegations that malware came from compromised server

ASUS faces accusations that hackers used its server to spread malware.

ASUS faces accusations that hackers used its server to spread malware. (CNA photo)

TAIPEI (Taiwan News) - As many as half a million computers might have installed malware disguised as an update from electronics giant ASUS after the Taiwanese company’s server was hacked, according to cybersecurity firm Kaspersky Lab.

A report in Motherboard magazine quotes researchers at the Russian company saying that the practice lasted five months last year before it was discovered.

The attack, dubbed “ShadowHammer,” involved hacking a server at Asustek Computer Inc. to send malware disguised as software updates from the Taiwanese company. The files were even signed with ASUS “digital certificates” to make them look authentic, Motherboard reported.

The original malware then went on to install backdoors on up to 500,000 Windows computers which would allow the hackers to launch even more malware later on.

Kaspersky Lab said it discovered the practice in January after it had updated its own scanning equipment to catch sophisticated malware.

The type of hacking involved has been described as a “supply-chain attack,” with malicious software being installed on system as they are produced or assembled, or later through trusted vendor channels, Motherboard reported.

Kaspersky Lab said it would reveal more details about the hacking of ASUS at a company summit in Singapore next month.

The Taiwanese company denied its server was compromised, the Russian researchers noted.