ASUS Responds to Operation ShadowHammer Security Flaw Making Users Vulnerable to Backdoor Attacks
Operation ShadowHammer
Share on whatsapp
Share on facebook
Share on twitter
Share on pinterest
Share on telegram
Share on reddit
Share on google
Share on tumblr
Share on skype
Share on email
Share on linkedin
Share on pocket

An ASUS software update has left many vulnerable to backdoor attacks. ASUS users running the ASUS software Live Update, which is preinstalled on most ASUS systems, were possibly susceptible to security flaws which have been discovered that allowed attackers to gain a backdoor to users’ computers and vulnerable to the Operation ShadowHammer security flaw.

Related: Sony Confirms it Will Stop Letting Retailers Sell PS4 Download Codes

The Operation ShadowHammer security flaw in the ASUS software was first discovered by research firm Kaspersky Lab on 29 January 2019, which has been performing diagnostics test and forensic investigations to analyse what this exploit means to ASUS users. The research firm reportedly found that over 1 million ASUS users were vulnerable to the Operation ShadowHammer security flaw between June and November 2018. ASUS was notified about Operation ShadowHammer on 31 January 2019.

Now, Asustek Computer Inc (or ASUS as we all know it as) has responded to the Operation ShadowHammer attack, urging users to install version 3.6.8 of the ASUS Live Update Utility which is a patch that implements security flaw fixes. The new patch introduces multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means and implements an enhanced end-to-end encryption mechanism. Additionally, ASUS updated and strengthened its server-to-end-user software architecture to prevent similar attacks from happening in the future.

The company also disputed the claims by Kaspersky Lab that over 1 million users were compromised by the security flaw, claiming the attacks only impacted “a small number of devices“.

The company had since helped customers fix the problem, patched the vulnerability and updated their servers.

It’s unclear who, or which organisation was behind the attack. It is also unclear what the attackers’ motives were for the cyber attack, with ASUS only stating that

Advanced Persistent Threat (APT) attacks are national-level attacks usually initiated by a couple of specific countries, targeting certain international organizations or entities instead of consumers.

Users can use this free tool from Kaspersky Lab to check whether they’ve been attached by Operation ShadowHammer. Users can also use another tool suggested by ASUS to check whether they’re system is vulnerable to the security flaw.






GLITCHED was created by taking everything we love and putting into one place. It contains a little something for everyone be it your favourite comic book, what to binge on Netflix this weekend, or your annual first-person shooter. The idea that one can love all the cool things is not hard to comprehend, you just need to find a place for it. That place is GLITCHED..