ASUS wasn't the only company hit by ShadowHammer

Image Credit: Pixabay (Image credit: Shutterstock)

As it turns out, ASUS was not the only company targeted by supply chain attacks during the ShadowHammer hacking operation uncovered by Kaspersky Lab and we're now learning that at least six other organizations have been infiltrated by hackers.

The Taiwanese hardware maker's supply chain was compromised by trojanizing its ASUS live software updater which was eventually downloaded and installed on tens of thousands of customer computers according to experts' estimations.

However, ASUS wasn't the only company which had its IT infrastructure infiltrated during Operation ShadowHammer since Kaspersky's researchers were able to find a number of other similar malware samples that were also signed with legitimate certificates.

The cybersecurity firm discovered that the ASUS samples and the newly discovered ones were both using very similar algorithms to calculate API function hashes. Additionally the IPHLPAPI.dll was used within all of the malware samples.

ShadowHammer victims

Besides ASUS, three Asian gaming companies (Electronics Extreme, Innovative Extremist and Zepetto) also fell victim to Operation ShadowHammer and Kaspersky also discovered that another video game company, a conglomerate holding company and a pharmaceutical company in South Korea were targets as well.

The researchers did not name the three new victims as they are still in the process of alerting them regarding the supply chain attacks they suffered.

The attackers that targeted the three Asian gaming companies were able to drop a malicious payload designed to collect system information and download additional payloads from its command-and-control (C&C) server.

Once installed on a user's system, the trojanized games first check to see if traffic and processor monitoring tools are running or if the system language is set to either Simplified Chinese or Russian. If any of these checks come back as true, the backdoor is programmed to stop execution automatically.

Kaspersky provided more details on the nature of Operation ShadowHammer in a blog post, saying:

“We believe this to be the result of a sophisticated supply chain attack, which matches or even surpasses the ShadowPad and the CCleaner incidents in complexity and techniques. The reason that it stayed undetected for so long is partly the fact that the trojanized software was signed with legitimate certificates (e.g. “ASUSTeK Computer Inc.”).”

If you have an ASUS computer, it is highly recommended that you download and update to the latest version of the ASUS Live Update Utility to prevent falling victim to any further attacks.

Via BleepingComputer

  • Keep your systems protected from the latest cyber threats with the best antivirus
TOPICS
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
A digital representation of a lock
NYU website defaced as hacker leaks info on a million students
NHS
NHS IT supplier hit with major fine following ransomware attack
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does