"rapid response : asus live update attack ( operation shadowhammer ) periodically, a large scale cybersecurity issue requires “ all hands on deck ” from the huntress team ( see wannacry, kaseya cryptominer, gandgrab outbreak ). the unfolding asus live update fiasco also happens to…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195.002Compromise Software Supply Chain
88%
". we ’ re currently creating some resources to help you articulate what was done to ensure your company ’ s and client ’ s security. stay tuned! huntress play - by - play this situation is still unfolding. check the section frequently for updates! on march 25th, 2019, journalist …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1036.005Match Legitimate Resource Name or Location
74%
". ] com / pub / asus / nb / apps _ for _ win8 / liveupdate / liveupdate _ test _ ver360. zip - hxxps : / / liveupdate01s. asus [. ] com / pub / asus / nb / apps _ for _ win8 / liveupdate / liveupdate _ test _ ver359. zip these. zip archives contained a setup. exe and two. msi fil…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195.002Compromise Software Supply Chain
69%
"were targeted. considering this very selective attack, your asus computers likely were not infected. on march 26th, asus urged that all asus computers / laptops running live update should be updated to version 3. 6. 8 “ to resolve security concerns ”. to give our partner ’ s peac…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195.002Compromise Software Supply Chain
54%
". ] com / pub / asus / nb / apps _ for _ win8 / liveupdate / liveupdate _ test _ ver360. zip - hxxps : / / liveupdate01s. asus [. ] com / pub / asus / nb / apps _ for _ win8 / liveupdate / liveupdate _ test _ ver359. zip these. zip archives contained a setup. exe and two. msi fil…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195.001Compromise Software Dependencies and Development Tools
39%
". ] com / pub / asus / nb / apps _ for _ win8 / liveupdate / liveupdate _ test _ ver360. zip - hxxps : / / liveupdate01s. asus [. ] com / pub / asus / nb / apps _ for _ win8 / liveupdate / liveupdate _ test _ ver359. zip these. zip archives contained a setup. exe and two. msi fil…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Periodically, a large scale cybersecurity issue requires “all hands on deck” from the Huntress Team (see WannaCry, Kaseya Cryptominer, GANDGRAB outbreak). The unfolding ASUS Live Update fiasco also happens to be one of those moments. We’ve created this blog is to provide simple answers to a complex supply chain attack affecting global IT Departments.