27 March update: ASUS has implemented a fix in the latest version of the Live Update software (ver 3.6.8) and increased end-to-end security, while also strengthing the security on its servers to ensure an attack of this nature doesn't happen again, according to a statement on its website.
ASUS has also included a download link to an online security diagnostic tool that users can run as an extra precaution if they're still concerned.
Kapersky has revealed that the Live Update Utility tool provided by ASUS has been hacked and that users who have downloaded the software could be exposed to harmful malware.
The attack, which has been called Operation Shadowhammer, was designed to target a specific pool of users that were identified by their network adapters’ MAC addresses.
You can enter your device's MAC address into this tool built by Kaspersky to find out if your device was targeted.
This particular type of attack is known as a ‘supply chain’ attack. The hackers apparently broke into ASUS’s own update servers and replaced the valid software with an infected version. This version appeared identical to the legitimate software and because of this was left on the ASUS servers undiscovered ‘for a long time’.
On the bright side, if you’re not one of the very few people specifically targeted by this attack, you probably don’t have much to worry about. The attack was targeted at a list of people that had something specific that the nefarious party was looking for, so if you’re just an average consumer who uses their ASUS computer to shop online, look at cat pictures and play games, you almost certainly don’t have anything to worry about.
Kaspersky notified ASUS of the attack on 31 January this year, while also mentioning that during its investigation it found the same techniques were used against software from three other vendors too, although it wasn’t specific as to which companies this might be.
You can read Kasperky's full report for more details.
How to remove the ASUS Shadowhammer virus
If you’re worried about being affected by the Shadowhammer ASUS attack, then we recommend you do the following:
- Uninstall the Asus Live Update Tool
- Follow the instructions in our article on how to remove a virus from your laptop or PC.
- If you don’t have an antivirus we would heavily recommend that you try BitDefender or another of our recommended antivirus programs
- Consider getting a VPN for an extra layer of security
At this point, ASUS will have fixed the problem so the software found on their website will be safe for download and use again. You can also be sure they will have beefed up the security around their download servers too.