However, chances are that Asus may not be the only laptop maker with a PC utility that has been infected, at least temporarily and without getting caught, by various sophisticated hacking groups. The researchers said that someone modified the Asus Live Update Utility, added a back door and then distributed it via official channels.
The antivirus companies found Asus' update software to be vulnerable only for a limited period of time, but this may have been a strategy by the hacking group to minimize its exposure. Look for the ASUS Live Update icon in the system tray on the taskbar and. But if you are unable to find it in your system, then you can type in your device’s model name and download ASUS Live Update from the ‘Utilities’ section.
This makes it an extremely attractive target for APT groups that might want to take. Note: The ASUS drivers download utility named Live Update comes pre-installed in units with a pre-installed OS. According to Gartner, ASUS is the world’s 5th-largest PC vendor by 2017 unit sales. In this case, not only did Asus ignore this issue for the past three years despite being warned about it by security researchers, but the company seemingly ignored it once again when existing attacks, and not just theoretical ones, were shown to it by Kaspersky.

Due to what seems to be mainly Kaspersky’s insistence on revealing the APT group’s attack to the public and fear of the press’ reaction, Asus was finally dragged kicking and screaming into updating its software with the proper modern security features that it should have used since at least 2016, after the aforementioned report came out. ASUS Live Update is a utility that is pre-installed on most ASUS computers and is used to automatically update certain components such as BIOS, UEFI, drivers and applications. The chief of NSA’s TAO group also said in the past that exploiting OEMs’ software for notebooks is one of the easiest ways to hack a computer, because of how vulnerable these software tools tend to be and how little care laptop vendors tend to have for security in general. Asus, one of the worst offenders among the vulnerable laptop makers, was guilty of not even using HTTPS encryption or signing or validating their software updates.

At the time, the researchers that revealed this also found other critical vulnerabilities in these companies’ update tools that would have made it easy even for non-technical malicious hackers to infect targeted machines. I use it to identify which drivers have been updated then download them manually.
Has Asus Learned Its Lesson?

Back in 2016, a report came out that revealed how the top 5 notebook makers, including Asus, were ignoring security best practices for their devices that would have prevented this type of attack. I also heard that the Live Update utility by Asus can cause problems. Is it true? Thank you. I think that if ASUS Live Update software is buggy and hogs too much RAM and internet bandwidth, then you must uninstall it as its only task is to update your BIOS.
Now, Asus has released a patch for its software, as well as a diagnostic tool for Asus notebook customers that want to verify whether or not their Live Update software was infected with malware. Additionally, the CCleaner attack also cast a wide net in looking for a smaller population of specific targets. Kaspersky told Asus of the attack in January and published the story yesterday on Securelist and its blog.
They also look for other consistent tells the group uses in its code across different campaigns, though Kaspersky doesn’t reveal details of these indicators. But Kaspersky researchers see similarities in the way the Asus backdoor, the CCleaner backdoor, and other instances of ShadowPad were conceptually designed. Still, you should uninstall the Asus Live Update tool at your earliest convenience and use our guidelines below to keep your computer up to date instead. the directions for checking the version.
because it is a hassle to download the driver updates manually from the Asus website and checking the driver version every time I want to update. Raiu adds that the group that may be behind all of these attacks, known as Barium, rewrites tools for every large attack so scanners can’t detect them by looking for its old code signatures. Then it doesn't download when you're trying to use the net or whatever. A free download link is provided by the editing staff, along with an ASUS Live Update Utility review. Kaspersky’s Raiu says that the firm suspects the Asus incident is connected to a series of mostly thwarted 2017 ShadowPad attacks as well as the successful use of ShadowPad in the CCleaner compromise. Critical update management tool from ASUS for keeping drivers, utilities, tools and other system applications updated. Tainted updates in otherwise legitimate software platforms have already wreaked havoc in big incidents like the May 2017 NotPetya outbreak and the June 2017 CCleaner compromise.