Hackers installed malware on ASUS computers using automatic update tool

The Taiwan-based computer hardware company ASUS is thought to have unwittingly distributed malicious software through its automatic update tool, Motherboard writes. The attack was noticed by the researchers at cybersecurity firm Kaspersky Lab at the end of January. The malicious update was signed with legitimate ASUS digital certificates, making the file seem like a genuine ASUS file. When downloaded, the malicious software could be used as a backdoor to a victim’s computer.

The researchers said ASUS kept pushing the malicious file to the customers for at least five months last year. According to Kaspersky Lab, “over 57,000 Kaspersky users have downloaded and installed the backdoored version of ASUS Live Update.” Worldwide, more than a million people could have been affected. Moreover, the malware was targeted to specific MAC addresses. When a targeted address was detected, the malware installed additional malware. However, even if silent, the malware provided a backdoor into all infected systems.