"Asus Confirms Attack Against Update Tool That Exposed Users to Risk"

Hackers were able to obtain access to Asus' servers, the attackers took aim at the Asus Live Update tool, which is used to deliver driver and firmware updates to customers.  The attackers were able to inject Trojan code into the Asus Live Update tool and were able to deploy malware to users of Asus computers.  The updates appeared to be authentic to end users, as they were signed with legitimate Asus digital certificates.   Symantec found that at least 13,000 computers received the malicious Trojanized updates from the Asus. 20 percent of infections affected organizations and 80 percent affected consumers.  The potential impact of the Asus update tool is large, a pool of 600 MAC addresses were specifically targeted by Operation ShadowHammer.  

eWeek reports: "Asus Confirms Attack Against Update Tool That Exposed Users to Risk"

Submitted by Anonymous on