The fact that network adapter MAC addresses were baked into the backdoored Live Update build suggests the snoops behind ShadowHammer were well aware of the internal operations of their target. ![]() It described the intrusion as the work of an advanced persistent threat, which it defined thus:Īdvanced Persistent Threat (APT) attacks are national-level attacks usually initiated by a couple of specific countries, targeting certain international organizations or entities instead of consumers. Asus's efforts to prevent man-in-the-middle fiddling is all well and good, as long as the PC slinger has also sufficiently shored up the security of its download servers, so updates can't be poisoned again.Īlso, Asus implied in its statement that ShadowHammer was carried out by an unnamed nation's spies against a particular organization or entity rather than random netizens. ![]() Yet Kaspersky claimed the backdoored utility was hosted on Asus's update server, meaning the code was nobbled at the source rather than while going over the wire. ![]() Kaspersky is due to publish a full report into the shenanigans.įrom the wording of Asus's statement, the PC maker seems more concerned about the tampering of downloads while they are in transit, effectively thwarting man-in-the-middle attacks. Symantec also confirmed its antivirus tools, like Kaspersky's, had detected the backdoored Live Update on its customers' systems.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |