FILE PHOTO: Logo of the Taiwanese multinational computer hardware and electronics company Asus are seen during the annual Computex computer trade show in Taipei, Taiwan-June 1, 2016. REUTERS/Tyrone Siu
(Reuters) – Hackers were able to deliver malware to the lake a million-plus Asus computer owners last year by hijacking the company’s software update system, security researchers said on Monday.
Moscow-based cyber security provider Kaspersky Lab said that the attack took place between June and November last year and was used for the delivery of a software update with a “backdoor” that gives hackers access to infected machines.
“We are not able to calculate the total count of the affected users only on the basis of our data, but we estimate that the true extent of the problem is much larger and it is possible that more than one million users worldwide,” Kaspersky said in a blog post.
Researchers from cyber security firm Symantec were also able to identify the attack on the Asus users, a Symantec spokeswoman said.
Asus said that it would be a statement on Tuesday.
The attack, which was first reported by technology news website the Motherboard, let see how hackers could make use of the size of the technology companies and their suppliers to reach large numbers of casualties.
Kaspersky said that more than 57,000 users had downloaded and installed on the infected Asus update, but the hackers intended to focus on a smaller number of unknown victims.
Kaspersky said it informed Asus about the attack in January and was assisting the company with its research.
Reporting by Vibhuti Sharma in Bengaluru, Angela Moon in New York, Jack Stubbs in London; Editing by James Emmanuel and David Goodman