Asus WebStorage Cloud Backup Update Service Used to Install Malware on Users’ PCs, Researchers Say

The news comes just a few months after a major security flaw allowed Asus' desktop software to be used to infect up to a million PCs worldwide.

Advertisement
By Jamshed Avari | Updated: 17 May 2019 14:00 IST
Highlights
  • Malware researchers at Eset discovered the problem and notified Asus
  • Asus says it has put additional security measures in place
  • The WebStorage update service was not verifying digital signatures

Asus' own digital signature on the infected software update.

Photo Credit: Eset

Security researchers at Eset have reported that Asus' online WebStorage cloud service has been used to distribute malware thanks to a security flaw in the desktop client's automatic updater. By exploiting an insecure HTTP connection and faulty code signing checks, attackers were able to distribute and execute software that installs a backdoor known as Plead on affected computers. The Plead malware is a simple backdoor that infects PCs and then downloads additional malware, which is added to the Windows startup routine so that it is executed every time the infected PC is booted up.

According to Eset, the malware was discovered on computers in Taiwan belonging to its clients, and the issue could be far more widespread. Beginning in April, the company started detecting infected files being downloaded automatically onto PCs by the Asus WebStorage updater, which is a legitimate Windows background service. The attackers were able to trick the software into downloading the malware from a compromised Taiwanese government server rather than a genuine update from Asus's own servers. Asus' software was not verifying the digital signatures of the updates it received, according to Eset reseracher Anton Cherepanov.    

Advertisement

Eset says it notified Asus about the issue before going public with the information. In response, Asus has published a notice on its WebStorage site, saying it shut down the WebStorage update server as a precaution, and has since implemented new security measures, but recommends that users run their own virus scans immediately to be sure that they are safe.  

Eset is still investigating the case, and believes that the attackers did not use the same method as the supply-chain attack that leveraged Asus' Live Update software and potentially infected over a million users earlier this year. However, the Asus WebStorage servers are not being used as command and control servers for the new malware, and the updater continued to receive legitimate Asus files during this time. 

Advertisement

The more likely scenario is a man-in-the-middle method, where the attackers are able to interfere with communication between servers and computers, and substitute legitimate data for the malware. Eset researchers also suspect that compromised routers might have been used, as many of the affected clients were using Asus routers which allow remote access to their admin control panels over the Internet.

Trend Micro, another anti-malware vendor, has previously associated the Plead backdoor with a malicious group called BlackTech, which is known to have conducted online espionage in Asia.          

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Asus, Asus WebStorage, ESET
Advertisement

Related Stories

Popular Mobile Brands
  1. Huawei Band 11 Series Over 100 Workout Modes Debuts in India: See Price
  2. iQOO Z11i Launched With 6,500mAh Battery, Snapdragon 4 Gen 2: See Price
  3. Amazon Prime Day 2026: Early Deals on Galaxy S25 Ultra, OnePlus 13 and More
  4. Alienware 15 Arrives in India as Dell's Most Affordable Gaming Laptop Yet
  5. Samsung Galaxy S25 Ultra to Drop Below Rs. 85,000 in Amazon's Prime Day Sale
  6. Amazon Prime Day 2026: Best Deals on Smartphones Under Rs. 30,000
  7. Here's Our First Look of the Nothing Phone 4b 'RCB Edition' Variant
  8. Vivo X500 Camera Details Surface Online After X500 Pro Max Leaks
  9. iPhone 18 Pro Max Might Arrive With Apple's Biggest Battery Yet
  10. Amazon Prime Day Sale: Early Deals on Smartphones From Top Brands Revealed
  1. Samsung Galaxy S27, Galaxy S27+ Said to Feature 'Privacy Display'; Ultra Model Might Get Selfie Camera Upgrade
  2. Asus Vivobook 15 (2026) With Intel Core 5 Series 3 CPU Launched in India: Price, Features
  3. Bitcoin Climbs Above $61,600 as Weak US Jobs Data Boosts Crypto Investor Sentiment
  4. iPhone 18 Pro Max Might Arrive With Apple's Biggest Smartphone Battery to Date, Latest Leak Suggests
  5. Vivo X500 Camera Specifications Leaked; 64-Megapixel Periscope Telephoto Camera Tipped
  6. Lenovo Legion Y700 AI Tablet Confirmed to Launch in August; Company Teases Gaming Tablet's Design
  7. iPhone 18 Pro to Feature Apple's C2 Modem Globally, Qualcomm Chip in the US: Report
  8. Xbox Will Reportedly Allow Users to Digitise Physical Games, Ship Project Helix Without Disc Drive
  9. Fire-Boltt's First Smartphone May Be Called Boltt Evo 4G, Tipster Claims; Key Specifications Leak
  10. iQOO Z11i Launched With 6,500mAh Battery, Snapdragon 4 Gen 2 Chip: Price, Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.