A newly discovered malware outbreak has been detailed by security outfits ESET and Kaspersky, and it’s rather insidious. The new attack targeted the software update servers for multiple software products, namely ASUS Live Update and Visual Studio from Microsoft. The group of hackers behind the move is still at large, and their efforts have saddled nearly 100,000 PC users with infections on their machines. This is just an estimate, though, as the full number of infections is impossible to know, and is likely far higher than the 92,000 cited by ESET and Kaspersky.
The attack targeted two different companies, namely ASUS and Microsoft, plugging malicious code into the backend code of two major software platforms, which allowed the hackers to infect thousands. The first hack hit ASUS and its Live Update tool, echoing similar hacks like the one that targeted CCleaner, in which the attackers managed to use hijacked digital certificates to push out malicious code that was disguised as a legitimate update.
The hackers then infiltrated servers hosting data and code for Microsoft Visual Studio, allowing them to push malicious code to developers who were using the affected versions. Microsoft managed to patch the issues and remove the bad update, but not everyone moved on to the fixed iteration. In particular, two indie developers, namely Electronics Extreme and Zepetto, allowed malicious code to be injected into the published executables of their games. These games are Infestation from Electronics Extreme and PointBlank from Zepetto. Users, mostly located in Asia,
Some interesting quirks with the strain of malware used in the attack do reveal a bit more detail though. The malware was embedded in Another detail is that the malware was designed to be nonfunctional on systems using Simplified Chinese, which likely means that the perpetrators of the attack wanted to avoid targeting Chinese mainland users for some reason. It’s possible that they’re based in the country, and want to avoid being hit by the rather aggressive authorities within the country. It’s hard to know for sure though.
What all of this means is that gamers and PC users need to be rather vigilant and judicious with their security policies, including constant scans for malicious code, as well as paying attention to tech news about attacks like this, and being on the lookout for malicious hacks.