Accessing the update server allowed the attackers to distribute malicious files that seemed legitimate because they got an ASUS digital certificate to make them authentic. Instead, the fake software updates gave the attackers a back door to access infected devices. Kaspersky estimates that about half a million Windows machines received the back door from the ASUS & # 39; update server. However, the attackers only seem to have targeted about 600 systems. Malware was designed to search for machines by their MAC address. It is not clear why the attackers focused on the small subset of machines.
Attacks in the supply chain, which specifically update servers, are becoming more and more common. Microsoft made a similar attack in 201