Facepalm of the day: Over half a million Asus computers have been infected
A back door was added to half a million Asus devices, but the company did not consider it appropriate to inform its customers.
Users did not have much chance to expect an attack, because this came from the least expected side. Who would expect that the malware will appear with the update coming straight from the manufacturer of our valuable equipment from its valuable server. If you are already grabbing your head, mumbling "as for a bright angel," then wait, the best before us ... the malicious file was signed with the authentic certificate of Asus.
The attack was discovered by Kaspersky Lab.
The matter was described by Motherboard , but the researchers from Kaspersky Lab raised the alarm. It was they who discovered that for five months, one of the world's largest laptop manufacturers installed malicious software on their users' computers. At that time, hackers managed to infect over half a million devices, although only 600 gates were used. The list with MAC addresses of selected victims was in the file. If the address matched the address of the computer, the malicious program downloaded from the network equally nasty colleague. Since everything was nicely signed by Aus with his own certificate, the programs did not raise any more suspicions.
Asus should have painted a large criminal penguin on the headquarters.
The attack was discovered at the end of January. And although Kaspersky immediately informed Asus representatives about it, the company did not rush to save customers and inform them that they are at risk. The customers of Asus have to find out about the danger from Kaspersky's blog, and the fact that this happens a few months after the discovery of vulnerability does not make Asus get a medal for caring for the safety of people who chose him.
If we add to this the fact that Asus has not stopped using the certificate used during the attacks, we can only laugh hysterically, in a characteristic gesture to catch a face, or wish someone responsible in Taiwan for the safety of bad dreams.
Asus will issue its statement only tomorrow. Sure, they waited two months to let anyone know about the problem, they could wait another day. In the end, it does not burn.
Facepalm of the day: Over half a million Asus computers have been infected
Comments
Post a Comment