Compromised ASUS update servers delivered signed malware to hundreds of thousands of customers in 2018:
– it is a targeted attack since the malware is only active if your device has certain MAC addresses
– most victims are in Russia, Germany, and France
– technical details, and affected MAC addresses: https://securelist.com/operation-shadowhammer/89992/
@infosechandbook I do not fully agree with the targeted part, unless they wanted to harm Asus themselves by damaging their reputation. For sure it's not a high precision operation.
:Irony in: - mitigation factor: luckily most people don't care about updating their hardware drivers & firmware once they have unboxed their shiny new thing :irony off:
@infosechandbook is the list of targeted mac addresses published somewhere?
We only know of the tool provided by Kaspersky, and their web-based check at the moment.
@infosechandbook OK. I will scroll for the link, then. Thank you!
@infosechandbook this one's going to be headlines