ASUS has confirmed a data breach affecting a third-party supplier, which resulted in the exposure of some source code. This confirmation follows a leak of sample data by the Everest ransomware group, which publicly claimed to have stolen data from ASUS, as well as ArcSoft and Qualcomm. The cybercrime group boasted of stealing a database of one terabyte and published images of documents as evidence of the hack.
In a public statement, ASUS clarified the scope of the incident. The company noted that the breach at the supplier exposed only a portion of the camera source code for ASUS phones. Crucially, the statement confirmed that the incident had no impact on ASUS products, internal company systems, or the privacy of its users.
The files leaked by the ransomware group were extensive, including a wide array of technical and internal information. The stolen data reportedly contained binary segmentation modules, source code and patches, RAM dumps and memory logs, AI models and weights, OEM internal tools and firmware, and test videos. Other items included calibration and dual-camera data, image datasets, crash logs, debug reports, and various evaluation and performance reports.
The theft of source code specifically tied to camera modules is a serious concern, as it provides a complete blueprint of how a critical piece of hardware functions. This kind of deep technical knowledge could potentially allow an attacker to discover a fully exploitable vulnerability within the hardware or its associated software.
Following the breach, ASUS stated that it is actively working to reinforce its security measures, emphasizing its commitment to strengthening supply chain security in compliance with established cybersecurity standards. Cybersecurity experts have noted that the greater risk from such a vendor breach is not the compromised component itself, but the possibility that the weak point could be leveraged as an entry point for exploits targeting drivers, firmware, updates, or other third-party integrations.
Reference:
