Mar 25, 2019

"Operation Shadowhammer" hacker group invades ASUS computers

A sophisticated group infected tens of thousands of ASUS brand computers with malware in a scheme to target a small handful of users, Kaspersky Lab reports. The attacks came through the official software update program ASUS Live Update Utility.

Why it matters: The operation, dubbed "Operation Shadowhammer," appears to come from a motivated, technologically adept threat — someone sophisticated enough to breach a major technology firm, patient enough to compile technical details about their intended victims to use during the attack and motivated enough to infected anyone updating their ASUS system to reach only a handful of victims.

Details:

  • Shadowhammer signed the malware it sent through the ASUS Live Update Utility using ASUS's security certificates, instructing computers to treat the malware as legitimate software updates. Companies treat certificate data as one of their most guarded secrets to prevent hackers from doing this.
  • Shadowhammer's malware checked if a system it infected was a pre-written list of around 600 computers it was specifically looking for, using unique identifiers in the networking hardware known as MAC addresses.
    • That means Shadowhammer had advance knowledge of the systems it most wanted performing follow up attacks against.

By the numbers: Kaspersky detected more than 57,000 different systems that tried to install the Shadowhammer malware. That number only includes the systems Kaspersky software protects.

Go deeper

South Korea and Italy step up emergency measures as coronavirus cases jump

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

The novel coronavirus has spread to more nations as South Korea and Italy step up emergency measures in their countries amid rising case numbers on Sunday.

The big picture: COVID-19 has killed at least 2,462 people and infected almost 79,000 others, mostly in mainland China. South Korea increased the infectious disease alert to red, the highest possible, as its case numbers jumped to 602 and the death toll to five. Italy's government announced emergency measures, with several towns in the north effectively placed in lockdown, as it confirmed two deaths and infections rose to 79.

Go deeperArrowUpdated 3 hours ago - Health

Bernie Sanders wins Nevada caucus

Democratic presidential candidate Sen. Bernie Sanders waves to supporters at a campaign rally on Friday in Las Vegas. Photo: Mario Tama/Getty Images

Sen. Bernie Sanders is projected to handily win the Nevada Democratic primary caucus, becoming the clear frontrunner among 2020 Democratic presidential primary election candidates.

Why it matters: Nevada is the first state with a diverse population to hold a nominating contest, highlighting candidates' abilities to connect with voters of color — particularly Latino voters.

Go deeperArrowUpdated 3 hours ago - Politics & Policy

Heat wave melts 20% of snow cover from Antarctic island in days

The effects of February's record heat wave on Eagle Island in Antarctica. Photo: NASA

Antarctica's Eagle Island now has a side that's almost ice-free following this month's searing heat wave in the region, images released by NASA show.

Why it maters: "The warm spell caused widespread melting on nearby glaciers," NASA said in its report. It's the third major melt event of the 2019-2020 Southern Hemisphere summer, following warm spells in January and last November, according to the United Nation's World Meteorological Organization (WMO).