Vendors always advertised to install new updates via the official channels to make sure that the integrity of the system is maintained The question is, What if the manufacturer contains malware in the update?
the firm has dubbed the attack as ShadowHammer.
Kaspersky Lab researchers said that ASUS, one of the world’s largest computer makers, was used to unwittingly install a malicious backdoor on thousands of its customers’ computers last year after attackers compromised a server for the company’s live software update tool. The malicious file was signed with legitimate ASUS digital certificates to make it appear to be an authentic software update from the company,
Researchers estimated 50 million windows users have received the backdoor. The attackers were capable of that affected service was signed using a certain certificate. Also, the original file size is the same.
Kaspersky plans to release “sophisticated supply chain attack,” a detailed analysis of this attack next month at its cybersecurity conference.
Kaspersky plans to release a detailed analysis of this attack next month at its cybersecurity conference.