• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Asus Motherboard Owners: Do you have updater installed?

Joined
Mar 10, 2015
Messages
1,428 (0.95/day)
Likes
951
System Name Wut?
Processor 4770K @ Stock
Motherboard MSI Z97 Gaming 7
Cooling Water
Memory 16GB DDR3 2400
Video Card(s) Vega 56
Storage Samsung 840 Pro 256GB
Display(s) 3440 x 1440
Case Thermaltake T81
Power Supply Seasonic 750 Watt Gold
#1
Looks like their updater may have been compromised.

https://motherboard.vice.com/en_us/...o-install-backdoors-on-thousands-of-computers

Edit: In case you don't read it, you were likely not a target.

Edit 2:

It does seem like they have been unresponsive and reportedly not notified any customers. Although considering the highly targeted nature, I'm not sure if it matters but pretty rotten not to let people know about it.

Kamluk said Kaspersky notified ASUS of the problem on January 31, and a Kaspersky employee met with ASUS in person on February 14. But he said the company has been largely unresponsive since then and has not notified ASUS customers about the issue.

The attackers used two different ASUS digital certificates to sign their malware. The first expired in mid-2018, so the attackers then switched to a second legitimate ASUS certificate to sign their malware after this.

Kamluk said ASUS continued to use one of the compromised certificates to sign its own files for at least a month after Kaspersky notified the company of the problem, though it has since stopped. But Kamluk said ASUS has still not invalidated the two compromised certificates, which means the attackers or anyone else with access to the un-expired certificate could still sign malicious files with it, and machines would view those files as legitimate ASUS files.
 
Last edited:
Joined
Mar 23, 2016
Messages
1,921 (1.71/day)
Likes
2,097
Processor Ryzen 5 2600X
Motherboard MSI B350M Gaming Pro
Cooling Scythe Kotetsu with AM4 bracket
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) Realtek ALC887 (dead)
Power Supply EVGA 850 BQ
Mouse Kingston HyperX Pulsefire FPS
Keyboard Logitech K520
Software Windows 10 Professional 64-bit
#2
Neowin said:
To bypass detection by major security solutions, the hackers signed the modified versions of the utility with legitimate digital certificates stolen from ASUS and pushed the trojanized system to the firm's update servers.

According to Kaspersky's findings, each backdoor code has a list of MAC addresses that would scan for a device's unique MAC address and download a malicious payload onto the computer once a match has been found. Out of the hundreds of thousands of potentially affected devices, only 600 specific MAC addresses were targeted by the malware.

Kaspersky researchers also found three other vendors based in Asia whose software was infected with the same backdoor.

The company discovered the malware in January and has since reported it to ASUS and the three other unnamed vendors. Full details of ShadowHammer will be presented at Security Analyst Summit 2019 in Singapore from April 9 to 11.
https://www.neowin.net/news/asus-up...ackdoor-potentially-affecting-1-million-users
 
Joined
Oct 17, 2014
Messages
2,313 (1.41/day)
Likes
1,071
Location
USA
System Name $170 family PC, rest was reused old parts.
Processor Ryzen Athlon 200GE @ 3.2Ghz ($55)
Motherboard Biostar A320M Pro ($42)
Memory 8gb (2x4) DDR4 2666 CAS 15-15-15 ($63)
Video Card(s) Vega 3 Integrated
Storage 120GB SSD
Display(s) AOC 22V2H 21.5" Frameless 75hz Freesync
Case Thermaltake View 22
Audio Device(s) Schiit Modi 3 + Custom Tube Amp + Sennheiser HD58X
Power Supply Corsair 750w Bronze
Mouse Roccat Kone AIMO
Keyboard Logitech G610+ Cherry MX Red
Software Ubuntu
#3
don't forget to install their RGB software too! trust us!
 

FreedomEclipse

~Technological Technocrat~
Joined
Apr 20, 2007
Messages
19,037 (4.34/day)
Likes
7,086
Location
London,UK
System Name Codename: Icarus Mk.IV
Processor Intel 8600k@4.8Ghz
Motherboard Asus ROG Strixx Z370-F
Cooling Corsair H105 {2x Corsair ML 120 Pro}
Memory Corsair Vengeance White LED DDR4 3200Mhz
Video Card(s) Gigabyte 1080Ti Gaming OC
Storage Samsung 970Evo 512GB SSD (Boot)|WD Blue 1TB SSD|2x 3TB Toshiba DT01ACA300
Display(s) Asus PB278Q 27"
Case Corsair 760T (White) {1x Corsair ML120 Pro |3x ML140 Pro}
Audio Device(s) Creative SB Z {AVR:Yamaha RX-V573|Speakers: JBL Control One|Auna 300-CN|Wharfedale Diamond SW150}
Power Supply Corsair AX760
Mouse Logitech G900/G502
Keyboard Duckyshine Dead LED(s) III
Software Windows 10 Pro
Benchmark Scores (ノಠ益ಠ)ノ彡┻━┻
#4
I dont use any Asus software with my Asus board other than. the lighting thing that doesnt even work half the god. damn. time.
 
Joined
Mar 23, 2016
Messages
1,921 (1.71/day)
Likes
2,097
Processor Ryzen 5 2600X
Motherboard MSI B350M Gaming Pro
Cooling Scythe Kotetsu with AM4 bracket
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) Realtek ALC887 (dead)
Power Supply EVGA 850 BQ
Mouse Kingston HyperX Pulsefire FPS
Keyboard Logitech K520
Software Windows 10 Professional 64-bit
#5
the lighting thing that doesnt even work half the god. damn. time.
Asus's Q&A for software is lacking in quality? No one should be expecting much from any of the name brands.
 
Joined
Mar 24, 2010
Messages
4,852 (1.46/day)
Likes
1,026
Location
Visca la Terra Lliure!
System Name Oh the name!
Processor i7 7700K
Motherboard MSI Z270 Xpower
Cooling EK 360 Extreme
Memory 16Gb G.Skill TridentZ 3866
Video Card(s) nVidia 1080 Ti Flanders Edition
Storage 1 Intel PCIE SSD750, 2 Sam 840Evo 1TB SSD, WD Black 2TB, Toshiba 3TB
Display(s) Acer Predator X1 (32")
Case Rajintek Paean
Audio Device(s) onboard
Power Supply Corsair AX860
Mouse Mad Catz Pro X
Keyboard Corsair K70
Software W10Pro
#6
whats for sure is their Update never updated a fook!
 
Joined
Jan 4, 2017
Messages
344 (0.41/day)
Likes
747
Location
Ohio
System Name Penny the Cruncher/Wilson The Cruncher/The Gaming PC/Crunchy the Cruncher
Processor 2x Xeon x5550@2.66Ghz/ i7 3770@3.5Ghz/ i7 3770K@3.5Ghz/2x Xeon x5675@ 3.06Ghz
Memory 32 GB DDR3/ 16GB DDR3/ 16GB DDR3/20GB DDR3
Video Card(s) Onboard/ Onboard/ NVIDIA GeForce GTX 980/Onboard
Storage 6x 10k SAS 72GB/ 500GB Standard HDD/ 512 GB M.2/3x 10k SAS 72GB
Case Dell PowerEdge r610 Chassis/Dell Vostro Chassis/ NZXT Case/Dell PowerEdge R610 Chassis
Power Supply All I know is that they all use too much juice!
Software VMware Cluster on Servers
#7
This is sounding very nation-statey. Not to bring out the tinfoil hats, but using legitimate certs nefariously seems to be a signature move for advanced persistent threat actors. The targeted nature of the additional payloads also supports this. I think most people are fixated on how poorly ASUS is handling this (legitimate point), but not how scary this seems to be (to me at least).
 
Joined
Mar 27, 2019
Messages
9 (0.38/day)
Likes
1
System Name SKTOWER01
Processor AMD Ryzen 7 2700X
Motherboard ASUS ROG Strix X470-F Gaming
Cooling AMD Wraith Prism RGB
Memory Corsair Vengeance LPX 32 GB
Video Card(s) eVGA GTX 1060 6 GB
Storage Samsung 960 Pro 512 GB m.2 | Samsung 860 Evo 1 TB m.2 | Seagate FireCuda 2 TB SATA
Display(s) Samsung LS27D590CS/ZA
Case Corsair Crystal 460X
Power Supply Corsair CX750M
Software Windows 10 Pro x64
#8
I've had mine running for a few months, and has yet to find an update. BIOS updates are done through the actual BIOS (for me), so I'm thinking of removing the utility completely. I could never find a way to stop it from running at boot, either. That alone makes me not a fan.
 
Joined
Mar 24, 2010
Messages
4,852 (1.46/day)
Likes
1,026
Location
Visca la Terra Lliure!
System Name Oh the name!
Processor i7 7700K
Motherboard MSI Z270 Xpower
Cooling EK 360 Extreme
Memory 16Gb G.Skill TridentZ 3866
Video Card(s) nVidia 1080 Ti Flanders Edition
Storage 1 Intel PCIE SSD750, 2 Sam 840Evo 1TB SSD, WD Black 2TB, Toshiba 3TB
Display(s) Acer Predator X1 (32")
Case Rajintek Paean
Audio Device(s) onboard
Power Supply Corsair AX860
Mouse Mad Catz Pro X
Keyboard Corsair K70
Software W10Pro
#9
when you uninstall Asus software you still have to check and delete some Folders, Services, Autoruns, and Task Scheduler. Apart from creating "Asus" folders everywhere, they also put a "LightingService" folder out in the open of the main Program folder... etc etc etc
 
Top