At a Complex targeted espionage Performance, hackers infected thousands of computers in the Taiwanese vendor ASUS with malicious Applications Together with the company’s online automatic update service, security Investigators reported Monday.
Kaspersky Lab stated it detected 57,000 infections among customers of its antivirus program. It estimates that the tap likely affected more than 1 million computers in the planet’s No. 5 computer company.
The malware was developed to open a”backdoor” for intruders in the infected machines, researchers said.
Approximately 50 percent of the affected Kaspersky anti-virus software customers were in Russia, Germany and France, the company said.
A Symantec spokeswoman said about 13,000 of its antivirus customers received the malicious updates.
The so-called supply-chain attack was first reported by the internet news website Motherboard.
It did not discover the malware before January, when new capabilities were added to its anti-virus applications, the company said.
Kaspersky said its researchers decided that the malware has been programmed for surgical espionage when they saw that it was created to take a second malware payload for certain computers based on unique identifiers of their network connections. It identified more than 600 computers programmed to receive the payload.
In a blog article and replies to emailed questions, the company said the essence of the second malware payload was unknown because the server that delivered it was no more active.
Kaspersky said that while is too early to know who was behind the operation, it’s consistent with a 2017 episode attributed by Microsoft to a Chinese state-backed set that the company calls BARIUM.