We believe this to be a very sophisticated supply chain attack, which matches or even surpasses the Shadowpad and the CCleaner incidents in complexity and techniques. Of course, there might be other samples out there with different MAC addresses in their list. We were able to extract more than 600 unique MAC addresses from over 200 samples used in this attack. To achieve this, the attackers had hardcoded a list of MAC addresses in the trojanized samples and this list was used to identify the actual intended targets of this massive operation. The goal of the attack was to surgically target an unknown pool of users, which were identified by their network adapters’ MAC addresses. The attack took place between June and November 2018 and according to our telemetry, it affected a large number of users. In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. Kaspersky Labs is reporting on a new supply chain attack they call “Shadowhammer.” Malware Installed in Asus Computers through Hacked Update Process
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |