Operation ShadowHammerOperation ShadowHammer

Also known as: Operation ShadowHammer

Known aliases
1

Profile

Newly discovered supply chain attack that leveraged ASUS Live Update software. The goal of the attack was to surgically target an unknown pool of users, which were identified by their network adapters’ MAC addresses. To achieve this, the attackers had hardcoded a list of MAC addresses in the trojanized samples and this list was used to identify the actual intended targets of this massive operation. We were able to extract more than 600 unique MAC addresses from over 200 samples used in this attack. Of course, there might be other samples out there with different MAC addresses in their list.

Aliases· 1

Operation ShadowHammer

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
ShadowHammer
Actor
Operation Shadow Force
CVE
ASUS Live Update Embedded Malicious Code Vulnerability
Actor
Operation Red Signature
Actor
FishMedley
Actor
Operation Sharpshooter
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.