ASUS released a new security update in response to Advanced Persistent Threat (APT) actors that targeted certain international organizations. A new version of ASUS Live Update software was also made available.
As Kaspersky Lab researchers revealed earlier this week, Cyber attackers had hijacked ASUS Live Update and downloaded a back-doored version to thousands of ASUS PCs last year.
The utility is pre-installed on most ASUS computers and is used to keep ASUS PCs up-to-date with latest firmware, drivers and applications.
ASUS provided an update on the APT attack:
“A small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group. ASUS customer service has been reaching out to affected users and providing assistance to ensure that the security risks are removed.”
To address the threat, ASUS has implemented a fix in the latest version (3.6.8) of the Live Update software:
“The new version now has multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism. At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future.”
ASUS has also created a diagnostic tool that users can run on affected systems and as a precaution for users still concerned.
To learn more about these types of threats, you can also read more about APT groups (as provided by FireEye).