Asus and Gigabyte: Mainboards targeted by cybercriminals

On July 28, 2022By Garmin Philip

CosmicStrand Malware

Security experts have discovered dangerous malware in the firmware of some motherboards. The manufacturers Asus and Gigabyte have been affected so far.

News

Stock photo of a motherboard from MSI — So far, the malware has only been detected on Asus or Gigabyte systems.

Kaspersky security experts have dangerous UEFI rootkits in Asus and Gigabyte firmware discovered. They therefore warn of attacks aimed at the mainboards of the two manufacturers. That reports that Online magazine Bleeping Computer.

Apparently, the malware has been hiding in the firmware since 2016. Chinese hacker groups are said to be responsible for this used devices before resale should have equipped with the rootkit.

The malware used was identified by Kasperky with “cosmic beach” titled. The level of threat is currently still unclear, since the extent of the affected systems cannot be estimated. However, it is necessary for an attack, initially direct access to the computer to have.

Once deployed successfully, the malware is designed to customize the operating system’s loader and take control. Further malware is then downloaded to further weaken the system. Antivirus programs can do little heresince the UEFI rootkit runs before all other applications during boot-up.

So far, the rootkit has only been found on computers with Asus or Gigabyte mainboards H81 chipset to use. Although this is outdated hardware, some devices are apparently still in circulation.

It is currently unclear whether other manufacturers could be affected. There has not yet been an official warning from Asus or Gigabyte, nor has there been any corresponding security updates.