Recently, a massive supply of the chain cyber attack against the Asus users has taken place. Following an investigation on the same hack, the popular Russian security firm, Kaspersky did not release the complete list of the compromised MAC user addresses that the hackers had hardcoded into their malware aiming to surgically target a specific pool of the users. Instead, Kaspersky has released a dedicated offline tool and has launched an online web page where the ASUS PC users can search for their MAC addresses in order to check if they were in the hit list. Although, many people believes that this is the most inconvenient way used by the large enterprises to know if their addresses have been compromised in the hack.
To solve the inconvenience and to aid the other cybersecurity experts to continue their search for the related hacking campaigns like the ASUS hack, the CTO of Australian security firm named by Skylight has provided the complete list of the approximately 583 compromised MAC addresses that was targeted in the Asus breach. The Skylight researchers recovered the list of the targeted MAC addresses with the help of the offline tool released by Kaspersky that contains a complete list of 619 MAC addresses within the protected but executable salted hash algorithm. They have implemented a powerful Amazon server and a modified version of the HashCat password cracking tool to find out the 583 compromised MAC addresses in below 60 minutes.
All of the issues are due to the Asus hack operation that was named as ShadowHammer that has compromised the systems of 57,000 users that were infected with the backdoor version of ASUS LIVE update of the software. Initially, the breach was not informed to the ASUS team while they received the information about the chain cyber attacks on 31st of January, 2019.