It has been broadly reported in the technical press that the ASUS automatic updating software for its PC’s has been infiltrated by malware and has been widely distributed to ASUS PC’s and Laptops.
I personally think this is a storm in a tea cup, as the details of this imply that only 600 PC’s would ever be affected as this is specifically targeted at a number of PC’s that have one of 600 MAC addresses. This is a unique addressing string related to the network adaptor (WiFI or wired), and will never be replicated to another device. However, it could also be a proof of concept for a much broader Cyber Attack. I guess only time will tell on that front.
It appears that the infected updater has been distributed to thousands of ASUS PC’s, but will only attack if your MAC Address is on the list of 600. However, as the updater was digitally signed by ASUS, your AV software may well not detect it. I am expecting ASUS to address this urgently and post an update (hmmmm) to its updater soon. I also expect Anti-Virus companies to update their products soon to detect it. What else needs to be done to remove this malware I am not sure, but hopefully ASUS will.
You can check your MAC address using the following website https://shadowhammer.kaspersky.com/. Note, Kaspersky initially reported the event. This tool is provided by them, and not be me so use with all the usual caution and read any disclaimers before you enter anything.
Steve Gibson from the Gibson Research Corporation provides a very good explanation of this event on his Security Now podcast on the Twit Network. The section from the appropriate podcast is at the 16:40 mark below if you want all the details (enthusiasts only I guess).
The detail has also been widely commented on in the tech press, but if you want the tech details then by all means listen to Steve Gibson above or go to the ‘Motherboard’ article that initially reported it.
I am personally a fan of ASUS hardware, and would really be disappointed if they didn’t address this quickly.
Headline image provided by Shutterstock.