ASUS users may be aware by now that recent ASUS software updates were compromised and they installed backdoors on ASUS machines. According to estimates, half a million Windows machines have been installed with the malicious backdoor via the ASUS update server. Operation ShadowHammer was the supply chain attack that leveraged ASUS Live Update software. This malware functioned by searching for the targeted systems with the help of MAC addresses.
If you are ASUS user, you can check if your device has been targeted by the ShadowHammer cyberattack using this online tool from Kaspersky or the downloadable tool from ASUS.
Check computer for Asus Update Malware or ShadowHammer cyberattack
Before you begin, you will need to know the MAC address of your computer. To find this, open an elevated Command Prompt window from the WinX Menu, type the following command and hit Enter:
getmac /v /fo list
Note down the Physical Address mentioned against your connection.
You could also use the following command to find out your MAC address.
Now you can visit this online tool from Kaspersky to scan your system.
If the MAC address matches one of the entries, the malware downloaded the next stage of malicious code. Otherwise, the infiltrated updater did not show any network activity. In total, security experts were able to identify more than 600 MAC addresses hard coded into the malware, says Kaspersky.
You can also download and use the ShadowHammer Check Tool from Kaspersky or the ASUS Security Diagnostic Tool from ASUS and run them.
Thanks for the heads up – @majorgeeks.