The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: ASUS

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

March 29, 2019Swati Khandelwal
EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky released a dedicated offline tool and launched an online web page where ASUS PC users can search for their MAC addresses to check whether they were in the hit list. However, many believe it is not a convenient way for large enterprises with hundreds of thousands of systems to know if they were targeted or not. List of MAC Addresses Targeted in ASUS Supply Chain Attack To solve this and help other cybersecurity experts continue their hunt for related hacking campaigns, Australian security firm Skylight's CTO Shahar Zini contacted The Hacker News and provided the full list of nearly 583 MAC addresses targeted in the ASUS breach. "If information regarding targets exi
Warning: ASUS Software Update Server Hacked to Distribute Malware

Warning: ASUS Software Update Server Hacked to Distribute Malware

March 25, 2019Swati Khandelwal
Remember the CCleaner hack ? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. A group of state-sponsored hackers last year managed to hijack ASUS Live automatic software update server between June and November 2018 and pushed malicious updates to install backdoors on over one million Windows computers worldwide. According to cybersecurity researchers from Russian firm Kaspersky Lab , who discovered the attack and dubbed it Operation ShadowHammer , Asus was informed about the ongoing supply chain attack on Jan 31, 2019. After analyzing over 200 samples of the malicious updates, researchers learned that hackers did not want to target all users, instead only a specific list of users identified by their uniq
Asus Faces 20 years of Audits Over Poor Wi-Fi Router Security

Asus Faces 20 years of Audits Over Poor Wi-Fi Router Security

February 24, 2016Unknown
Currently, Asus is undergoing through a troublesome situation after a lawsuit had been filed by the US Federal Trade Commission (FTC) regarding its Router Insecurity. On Tuesday, FTC settled charges with Asus, where the hardware manufacturing company agrees to: Undergo Independent Security Audits Once in 2 years, for the Next 2 Decades . This action had been taken as the result of security negligence in Asus Wireless Routers that put the home and corporate networks of hundreds of thousands of consumers at risk. If Asus is found to violate the agreement, the company could end up paying a civil penalty of up to $16,000 for each violation. Asus Router Security Blunders Since Asus markets its products under the label of Secure and Intelligent routers through its website, following flaws would splash its level of security and intelligence. 1. Default Username & Password: ADMIN In 2014, a serious security issue had been brought to the public regarding
ASUS Wireless router leaves USB Storage Devices vulnerable to remote attackers

ASUS Wireless router leaves USB Storage Devices vulnerable to remote attackers

January 13, 2014Anonymous
In this era of Computers and Smartphones, where we are connected to the Internet every second and use it almost for everything. For an Internet connection, one has to plug a device called Router between the ISP (Internet Service Provider) and device. Some Routers are available with USB option, where you can attach an external Hard Disk that allows files to be stored and retrieved across a computer network. Asus one of the largest IT hardware manufacturer providing these kind of devices by which you can connect to the internet and make your external hard disk available on the Internet as FTP server just by configuring AiDisk utility from the router's administrator panel.  Many ASUS Routers have this feature available, including models: RT-N66U, RT-N56U, RT-N15U, RT-N65U, RT-AC66U, DSL-N55U and RT-N16. Recently a vulnerability has been noticed by some Sweden users in the ASUS Routers, that allows an attacker to access your Hard Disk remotely from any part of the wo
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.