A supply-chain attack dubbed Operation ShadowHammer has been uncovered, targeting users of the ASUS Live Update Utility with a backdoor injection. The China-backed BARIUM APT is suspected to be at the helm of the project. The campaign ran from June to at least November 2018 and may have impacted more than a million users worldwide though the adversaries appear to have been after specific victims in Asia. The utility is a pre-installed utility in most new ASUS computers for automatic BIOS, UEFI, drivers and applications updates.
Source: https://threatpost.com/asus-pc-backdoors-shadowhammer/143129/