Hackers from the ShadowHammer group managed to infect more than a million computers Asus with malware using the official update server. The latter was under the control of cybercriminals from June to November 2018, Kaspersky Lab experts determined.
Despite the large number of potential victims of the attack, it went unnoticed for the majority of users. As it turned out, cybercriminals were only interested in PCs with specific MAC addresses. If the network identifier of the infected computer was not in the list compiled by hackers, the backdoor did not show any activity.
Kaspersky Lab notified the company Asus of the cybercriminals' actions at the end of January 2019, but there has still been no reaction to this.