[Important] Check Whether Your ASUS Computer Affected by ShadowHammer Attack
Recently several ASUS computer machines were attacked by ShadowHammer cyber attack. This attack utilized ASUS Live Update utility which comes bundled i.e. pre-installed with ASUS devices. This utility checks for new driver and firmware updates and automatically downloads and installs them in ASUS machines.
The attackers installed malicious backdoor in a small number of ASUS devices through a sophisticated attack on ASUS Live Update servers. The attackers modified ASUS Live Update utility to implant/inject their malicious code. All affected ASUS PCs were targeted for a specific set of MAC addresses.
Now if you are using an ASUS device such as Desktop PC or laptop machine, you might be wondering whether your ASUS machine is affected by this attack or not. Don’t worry! Today in this tutorial, we are going to share some ways to find out whether your ASUS device is affected by ShadowHammer attack or not.
Advertisement
Table of Contents
1. Using Official ASUS Security Diagnostic Tool
ASUS has acknowledged the issue and released an official diagnostic tool to check for affected systems.
You can download the tool from following download link:
Download ASUS Security Diagnostic Tool
Extract the downloaded ZIP file using a file archive utility such as 7-Zip and run the EXE file. It’ll let you know whether your device is compromised or not.
2. Using Kaspersky ShadowHammer Check Tool
Kaspersky who discovered this attack, has also released a tool to check whether your ASUS machine has been infected by this attack or not.
You can download the tool from following link:
Download Kaspersky ShadowHammer Check Tool
Advertisement
Extract the downloaded ZIP file and run the EXE file.
It’ll let you know whether your device is compromised or not.
3. Manually Check Your MAC Address
If you don’t trust the above mentioned tools or you are unable to use the tools, you can manually check whether your ASUS device was hacked or not using its MAC address.
1. First of all find our your device MAC address. Open Command Prompt using cmd command in RUN dialog box or Search box.
2. Now run following command in Command Prompt window:
ipconfig /all
The command will show detailed information about all network adapters.
Ignore the adapters which are showing “Media State” as “Media Disconnected“. Now look for “Physical Address” option for the adapters which are not showing “Media Disconnected” as “Media State”. The Physical Address will be a combination of 6 hexadecimal numbers.
Copy the Physical Address number and paste it the given text box at following link:
Check Whether Your ASUS Device MAC Address Affected
Click on “Check Now” button and it’ll let you know whether your ASUS device was affected by ShadowHamer attack or not.
PS: If your ASUS device was affected by this attack, immediately run a backup of your files and restore your operating system to factory settings. This will completely remove the malware from your computer.
Hi
I use opera and I always do the update when called upon to do so. on the last update I lost all my tiles and cannot re-set it the way it was. I have removed and re-installed OPera to no avail
I use windows 10 64 bits
^^ It might be an issue in the new Opera version. You should report it to Opera team.
my ASUS ROG G750JM laptop’s hard drive died two years ago, so I had to get a new SSD and a fresh new Windows 10 copy. It doesn’t come with the ASUS live software, so I’m pretty sure it’s fine.
^^ Yes. You are safe.