57,000 ASUS computers affected by virus, more than 1M could be infected, Kaspersky warns

DAILY SABAH WITH AGENCIES
ISTANBUL
Published 26.03.2019 19:30
This Feb 23, 2019, photo shows the inside of a computer with the ASUS logo in Jersey City, N.J. Security researchers say hackers infected tens of thousands of computers from the Taiwanese vendor ASUS with malicious software for months. (AP Photo)
This Feb 23, 2019, photo shows the inside of a computer with the ASUS logo in Jersey City, N.J. Security researchers say hackers infected tens of thousands of computers from the Taiwanese vendor ASUS with malicious software for months. (AP Photo)

A virus spreading through an online automatic update service was detected on computers produced by Taiwanese technology company ASUS after one of the laptop maker's servers was hacked last year, cybersecurity and anti-virus provider Kaspersky Lab announced Monday.

The Russian company said that they had identified through their antivirus software a malicious software that creates special security gaps called "backdoors" on 57,000 ASUS brand computers.

The company said this new threat called an "advanced persistent threat (APT)" had affected a large number of users with a method known as a "supply chain attack."

Some 50 percent of the affected computers were owned by users from Russia, Germany, and France, experts from the company said, adding that the virus is believed to have infected about a million computers worldwide. Less than five percent of the computers affected were in the U.S.

"The trojanized utility was signed with a legitimate certificate and was hosted on the official Asus server dedicated to updates, and that allowed it to stay undetected for a long time," Kaspersky said.

"We are not able to calculate the total count of affected users based only on our data; however, we estimate that the real scale of the problem is much bigger and is possibly affecting over a million users worldwide," it added.

American antivirus company Symantec also reported that 13,000 ASUS computers using their own antivirus software had been infected by the virus.

Kaspersky said that while it was too early to know who was behind the operation, it was consistent with a 2017 incident blamed by Microsoft on a Chinese state-backed group the company calls BARIUM.

Asus released a statement saying it had upgraded its software to "prevent any malicious manipulation in the form of software updates or other means".

"ASUS customer service has been reaching out to affected users and providing assistance to ensure that the security risks are removed."

AsusTek Computer Inc, the world's fifth largest computer manufacturer, is a Taiwan-based multinational computer and phone hardware and electronics company.

Share on Facebook Share on Twitter