At a sophisticated targeted espionage operation, hackers infected thousands of computers from the Taiwanese vendor ASUS with malicious Applications using the company’s online automatic Upgrade service, security Investigators reported Monday.
Kaspersky Lab stated it detected 57,000 infections among clients of its antivirus software. It estimates that the exploit probably affected more than 1 million computers in the world’s No. 5 pc business.
About 50 percent of those affected Kaspersky anti-virus applications customers were in Russia, Germany and France, the business said.
A Symantec spokeswoman said about 13,000 of its antivirus clients received the malicious updates.
The so-called supply-chain assault was reported by the internet news site Motherboard.
It did not discover the malware before January, when new capabilities were added into its anti-virus software, the business said.
Kaspersky stated its investigators decided that the malware was programmed for surgical espionage if they saw that it was created to take another malware payload for certain computers based on specific identifiers of their network connections. It identified over 600 computers programmed to receive the payload.
In a blog article and replies to emailed questions, the company stated the essence of the second malware payload was unknown because the server that delivered it was no more active.
Kaspersky said that although is too early to know who was behind the operation, it is consistent with a 2017 episode attributed by Microsoft on a Chinese state-backed group the provider calls BARIUM.