Operation ShadowHammer is a new and highly targeted supply chain attack discovered by Kaspersky Lab. The attack leveraged ASUS Live Update software to distribute malicious code. Live Update is a utility which commonly comes pre-installed on most ASUS computers and is used to update system drivers and BIOS/UEFI code. ReversingLabs researchers looked into what is currently publicly available. Using our Titanium Platform weve been able to make a few connections which lead us to, what we believe is, the first iteration of this malware code.”]
Source: https://blog.secure.software/forging-the-shadowhammer