According to cybersecurity firm Kaspersky Lab, the malware was sent to systems via Asus’ servers disguised as a ‘critical’ software update. And since it had a real Asus certificate, it looked exactly like an authentic update. The malware was planted by hackers in a targeted attack that has now been named as ‘ShadowHammer’. And now, the Taiwanese electronics company has said that it has come up with a fix for the malware in the form of a real security update, which can be downloaded using its Live Update software tool.
Asus has also added that users can go to its ‘security diagnostic’ tool to check if their system has been infected with malware. The company has said in its press release that it encourages “users who are still concerned to run it as a precaution.” However, we should point out that in its press release, Asus has not issued an apology for the malware being spread via its servers in the press release. In fact, it has downplayed the entire incident saying, “Only a very small number of specific user group were found to have been targeted by this attack and as such, it is extremely unlikely that your device has been targeted.” But as we mentioned earlier, Kaspersky Lab said that the malware was distributed to as many as 1 million PCs and the first report about the hack stated that hundreds of thousands of machines have the malware installed already. Furthermore, the numbers given by Kaspersky are in line with the ones that have been shared by Symantec. While Asus may say that this is a small number, we don’t agree. The Taiwanese company did say in its press release that it has taken the required steps to ensure that a Trojan horse like this would not be able to make it through its servers again. It says that it has added “multiple security verification mechanisms to prevent any malicious manipulation” and in addition to this, the company has also enabled “an enhanced end-to-end encryption mechanism.” The consumer electronics company also said, “At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future.”