ASUS, one of world’s largest computer makers, installed backdoor on thousands of customer computers last yr after hackers compromised its software update tool. The file was signed w/ ASUS digital certificates to make it look like authentic software update. motherboard.vice.com/en_us/article/…

“The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems. The malware searched for targeted systems thru their unique MAC address”

Everyone talks about the dreaded nightmare of supply-chain attacks. This is what a real-world supply chain attack from a vendor’s server looks like.

"This attack shows that the trust model we are using based on known vendor names and validation of digital signatures cannot guarantee that you are safe from malware”

The researchers at @kaspersky Lab believe it may be related to the CCleaner attack in 2017. Here’s their blog post about it with IOC’s securelist.com/operation-shad…

@kaspersky ASUS told @TheVerge it will issue a statement tomorrow. But the company should not have been caught flat-footed on this. I sent them four emails last week before story published.

@kaspersky @TheVerge I should add that @kaspersky Lab researchers contacted ASUS Jan 31 and met w/ ASUS in person Feb 14. The company insisted the hack didn’t happen. When Kaspersky offered to help them with forensic to show it did, ASUS wanted them to sign NDA. The company went silent after that