Hackers abuse ASUS cloud service to install backdoor on users’ PCs

Hackers abuse ASUS cloud service to install backdoor on users’ PCs

Enlarge (credit: Jeremy Brooks / Flickr)

ASUS’s update mechanism has once again been abused to install malware that backdoors PCs, researchers from Eset reported earlier this week. The researchers, who continue to investigate the incident, said they believe the attacks are the result of router-level man-in-the-middle attacks that exploit insecure HTTP connections between end users and ASUS servers, along with incomplete code-signing to validate the authenticity of received files before they’re executed.

Plead, as the malware is known, is the work of espionage hackers Trend Micro calls the BlackTech Group, which targets government agencies and private organizations in Asia. Last year, the group used legitimate code-signing certificates stolen from router maker D-Link to cryptographically authenticate itself as trustworthy. Before that, the BlackTech Group used spear-phishing emails and vulnerable routers to serve as command and control servers for its malware.

Late last month, Eset researchers noticed the BlackTech Group was using a new and unusual method to sneak Pl

 » Read More

Loading...

What do you think?

0 points
Upvote Downvote

Total votes: 0

Upvotes: 0

Upvotes percentage: 0.000000%

Downvotes: 0

Downvotes percentage: 0.000000%

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Loading…

Comments

comments

Sprint’s first 5G devices go on preorder Friday, available May 31     – CNET

Sprint’s first 5G devices go on preorder Friday, available May 31 – CNET

Xbox One May Update Adds A Couple Of New Features

Xbox One May Update Adds A Couple Of New Features