Advanced Persistent Threat (APT) attacks are national-level
attacks usually initiated by a couple of specific countries, targeting certain
international organizations or entities instead of consumers.
ASUS Live Update is a proprietary tool supplied with ASUS
notebook computers to ensure that the system always benefits from the latest
drivers and firmware from ASUS. A small number of devices have been implanted with
malicious code through a sophisticated attack on our Live Update servers in an attempt
to target a very small and specific user group. ASUS customer service has been
reaching out to affected users and providing assistance to ensure that the security
risks are removed.
ASUS has also implemented a fix in the latest version (ver.
3.6.8) of the Live Update software, introduced multiple security verification
mechanisms to prevent any malicious manipulation in the form of software
updates or other means, and implemented an enhanced end-to-end encryption
mechanism. At the same time, we have also updated and strengthened our server-to-end-user
software architecture to prevent similar attacks from happening in the future.
Additionally, we have created an online security diagnostic
tool to check for affected systems, and we encourage users who are still
concerned to run it as a precaution. The tool can be found here: https://dlcdnets.asus.com/pub/ASUS/nb/Apps_for_Win10/ASUSDiagnosticTool/ASDT_v1.0.1.0.zip
We also encourage all users to download and install the
latest version of ASUS Live Update (ver. 3.6.8) from: https://www.asus.com/support/FAQ/101872
Users who have any additional concerns are welcome to
contact ASUS Customer Service.
More information about APT groups: https://www.fireeye.com/current-threats/apt-groups.html
Pages: 1 2
