The software update service for Taiwan-based tech manufacturer Asus was hacked and exploited to disseminate malware from June to November 2018, cybersecurity firm Kaspersky Lab says. The firm discovered the "chain attack" in January 2019, Trend reported citing Sputnik.
The malware was signed with the official Asus digital certificate and in general appeared to be a genuine software update, one marked as "critical," at that, the Kaspersky Lab said, Motherboard reported Tuesday.
It appears that, despite being distributed globally, the malware was targeted at a relatively small pool of some 600 machines with specific media access control (MAC) addresses. Should the malware discover the MAC it was looking for, it would then open the door for more malicious programs to further compromise the system.
This mode of operation led Kaspersky Lab to compare the attack to the infamous Stuxnet, a widely speculated US/Israeli-developed cyberweapon, which was also distributed indiscriminately but did little to no harm on most infected systems.
According to The Verge, Asus has not yet contacted customers or taken action to stop the spread of the malware. In an email to the website, the company promised to come up with an official statement by Tuesday afternoon. The original report by Motherboard says Asus initially denied that the malware had originated from its servers.
Kaspersky Lab reported that approximately 57,000 people using its antivirus software had their machines infected by the malware; the company estimates that while the total number of affected machines could be "hundreds of thousands," it also adds that the malware may potentially affect up to 1 million computers worldwide.