Sometimes these lists were small, and sometimes they contained hundreds of entries, as was highlighted by both Kaspersky and an F-Secure analysis published today. #ASUS MAC ADDRESS CHECK UPDATE#Only the device vendors would be able to answer these questions, and especially ASUS.įurthermore, there have been different backdoored versions of the Live Update software, each targeting different MAC addresses. Raiu said the target list was most likely put together after reconnaissance operations in previous attacks, and it will be almost impossible to tell who hackers targeted. Attackers knew exactly who they wanted to hackĬostin Raiu, one of the Kaspersky Lab researchers involved in the ShadowHammer investigation, also told ZDNet that no conclusions could be drawn from this MAC list.Īttackers can determine the MAC address of a device without compromising it, through a technique called network scanning. Almost all vendors included on the list, even the ones who had just a handful of MAC addresses targeted, are makers of WiFi-capable devices.Īn industry insider told ZDNet that while this might suggest that the purpose of Operation ShadowHammer (the codename given to the ASUS hack) might be to target certain types of WiFi capable systems, the small number of MAC addresses that hackers selected actually proves the opposite point -that they were after selected targets, rather than mass-targeting generic WiFi-capable devices as a whole. The vast majority of these MAC addresses belong to large corporations ASUStek, Intel, and AzureWave. ZDNet also received a cleartext copy earlier this week and had been looking into the vendors' whose MAC addresses were included on the list. Other security firms, like Qihoo 360, were already analyzing it even before today. Lists containing the MAC addresses in a hashed version have been going around the web all week -for example, this version uploaded on GitHub. #ASUS MAC ADDRESS CHECK FREE#"Now, the unhashed list is free for everyone to use, researchers and organizations alike." What's on the list?Īlthough the MAC list was made public today for the first time in a cleartext version, its content was never a secret. ![]() "Kaspersky was probably distributing those lists through their paid service," a Skylight Cyber spokesperson told ZDNet earlier today. When the ASUS hack become public earlier this week, Kaspersky published an app that would check users' computers and report if they were on the hackers' very small list of potential targets. #ASUS MAC ADDRESS CHECK INSTALL#The backdoored Live Update tool would only install additional malware on certain computers that had a specific MAC address for their network interfaces. Not all ASUS users were targeted during this hack. The ASUS hack happened last year when suspected Chinese hackers breached the ASUS IT infrastructure and backdoored the company's Live Update tool that's installed on all ASUS notebooks to help with automatic firmware updates. The Skylight team obtained this list by reverse engineering a Windows app created by Kaspersky Lab to let ASUS users test if their computers were of interest to hackers. #ASUS MAC ADDRESS CHECK HOW TO#
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |