Asus issues ShadowHammer fix, diagnostics

Asus has moved quickly to protect its users from the ShadowHammer advanced persistent threat (APT), having released a fix as well as a diagnostic tool that will let users check if they have been affected.

It has been reported that the supply chain attack, Operation ShadowHammer, targeted users of the ASUS Live Update Utility, by injecting a backdoor into it at least between June and November 2018.

Asus has responded, saying that APT attacks are national-level attacks usually initiated by a couple of specific countries, targeting certain international organisations or entities instead of consumers.

“Asus Live Update is a proprietary tool supplied with Asus notebook computers to ensure that the system always benefits from the latest drivers and firmware from Asus,” the company notes.

“A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group.

“Asus customer service has been reaching out to affected users and providing assistance to ensure that the security risks are removed.”

It adds that the company has also implemented a fix in the latest version (ver. 3.6.8) of the Live Update software, introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism.

“At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future,” it says.

“Additionally, we have created an online security diagnostic tool to check for affected systems, and we encourage users who are still concerned to run it as a precaution.”

The tool can be found here: https://dlcdnets.asus.com/pub/ASUS/nb/Apps_for_Win10/ASUSDiagnosticTool/ASDT_v1.0.1.0.zip

Asus also encourages all users to download and install the latest version of ASUS Live Update (ver. 3.6.8) from: https://www.asus.com/support/FAQ/101872