Check if your computer has been infected by the ASUS Update Malware

ASUS users may be aware by now that recent ASUS software updates were compromised and they installed backdoors on ASUS machines. According to estimates, half a million Windows machines have been installed with the malicious backdoor via the ASUS update server. Operation ShadowHammer was the supply chain attack that leveraged ASUS Live Update software. This malware functioned by searching for the targeted systems with the help of MAC addresses.

If you are ASUS user, you can check if your device has been targeted by the ShadowHammer cyberattack using this online tool from Kaspersky or the downloadable tool from ASUS.

Check computer for Asus Update Malware or ShadowHammer cyberattack

ShadowHammer cyberattack

Before you begin, you will need to know the MAC address of your computer. To find this, open an elevated Command Prompt window from the WinX Menu, type the following command and hit Enter:

getmac /v /fo list

Note down the Physical Address mentioned against your connection.

You could also use the following command to find out your MAC address.

ipconfig /all

Now you can visit this online tool from Kaspersky to scan your system.

If the MAC address matches one of the entries, the malware downloaded the next stage of malicious code. Otherwise, the infiltrated updater did not show any network activity. In total, security experts were able to identify more than 600 MAC addresses hard coded into the malware, says Kaspersky.

You can also download and use the ShadowHammer Check Tool from Kaspersky or the ASUS Security Diagnostic Tool from ASUS and run them.

Thanks for the heads up – @majorgeeks.

Posted by on , in Category Security with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

Leave a Reply

Your email address will not be published. Required fields are marked *


2 + 9 =