Skip to main content

Shadowhammer attack didn't just hit Asus

(Image credit: Image source: Shutterstock/lolloj)

The Operation ShadowHammer supply chain attack which affected Asus last month may have affected more victims, Kaspersky has said.

Further investigation by the company's security researchers found that Asus wasn't the only company targeted. In fact, a total of six companies were infiltrated during the supply chain raid.

Among them, the reserachers said, are Electronics Extreme, Innovative Extremist and Zepetto. Besides them, the victims were a video gaming company, a congolmerate holding company and a pharmaceutical company, all from South Korea, yet unnamed.

The researchers are currently notifying the victims of the attack.

Researchers first noticed the attack in Asus' laptops. the ASUS Live Update Utility, a tool that comes preloaded with ASUS machines and is used to update BIOS, was infected. Hackers stole certificates used by ASUS to sign legitimate binaries, so the threat went undetected.

Researchers also claimed that, despite the fact that the malware was present in thousands of machines, only 600 were targeted. “The selected vendors are extremely attractive targets for APT groups that might want to take advantage of their vast customer base. It is not yet very clear what the ultimate goal of the attackers was and we are still researching who was behind the attack," said Vitaly Kamluk, Director of Global Research and Analysis Team, APAC, at Kaspersky Lab.

It seems as the number of affected companies may still rise.

Image source: Shutterstock/lolloj