- GROUP INSERTED MALWARE NOXPLAYER EMULATOR HOW TO
- GROUP INSERTED MALWARE NOXPLAYER EMULATOR ANDROID
- GROUP INSERTED MALWARE NOXPLAYER EMULATOR SOFTWARE
- GROUP INSERTED MALWARE NOXPLAYER EMULATOR DOWNLOAD
Let me say straight off, it’s probably a good sign that supply chain attacks, like phishing attacks have become the top types of attack respectively.
Tags: Android, data protection, malware, supply chain More likely is that they’ve been happening for a while, and we have recently become more diligent about looking for them. I don’t know if there are actually more supply-chain attacks occurring right now. Until today, and based on its own telemetry, ESET said it spotted malware-laced NoxPlayer updates being delivered to only five victims, located in Taiwan, Hong Kong, and Sri Lanka.
GROUP INSERTED MALWARE NOXPLAYER EMULATOR DOWNLOAD
Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server to deliver malware to NoxPlayer users.ĭespite evidence implying that attackers had access to BigNox servers since at least September 2020, ESET said the threat actor didn’t target all of the company’s users but instead focused on specific machines, suggesting this was a highly-targeted attack looking to infect only a certain class of users.
GROUP INSERTED MALWARE NOXPLAYER EMULATOR ANDROID
This one is in the NoxPlayer Android emulator:ĮSET says that based on evidence its researchers gathered, a threat actor compromised one of the company’s official API () and file-hosting servers (). It seems to be the season of sophisticated supply-chain attacks. However, ESET pointed out that the three malware strains implemented through harmful NoxPlayer updates had “similarities” with other malware strains used in a compromise on the supply chain of the Myanmar presidential office website in 2018 and early 2020 in an intrusion into a Hong Kong university.NoxPlayer Android Emulator Supply-Chain Attack It is unclear whether the NoxPlayer compromise is the work of a state-sponsored group or a financially motivated group that seeks to compromise game developers. The second is the case of VGCA, the official certification authority of the Vietnamese government.ĮSET researchers have not officially linked the incident to a well-known hacking group.
GROUP INSERTED MALWARE NOXPLAYER EMULATOR SOFTWARE
The first is the case of Able Desktop, software used by many Mongolian government agencies. This incident is also the third attack on the supply chain discovered by ESET in the last two months.
GROUP INSERTED MALWARE NOXPLAYER EMULATOR HOW TO
To date, and based on its own telemetry, ESET has said it has noticed NoxPlayer updates related to malware delivered to only five victims, located in Taiwan, Hong Kong and Sri Lanka.ĮSET today released a report with technical details for NoxPlayers to determine if they received a malware update and how to remove the malware.Ī BigNox spokesman did not return a request for comment. “Three different families of distributed malware have been observed from malicious updates customized to selected victims, with no signs of financial gain, but rather surveillance capabilities,” ESET said in a report released today with ZDNet.ĭespite evidence suggesting that the attackers had access to BigNox’s servers since at least September 2020, ESET said the threat actor did not target all company users, but focused on specific machines, suggesting that this was a highly targeted attack that aims to infect only a certain class of users. Using this access, hackers changed the NoxPlayer update download URL to the API server to deliver malware to NoxPlayer users. The attack was discovered by Slovak security firm ESET on January 25 last week and targeted BigNox, a company that makes NoxPlayer a software client for emulating Android applications on Windows or MacOS desktops.ĮSET says that, based on evidence gathered by its researchers, a threatening actor compromised one of the company’s official APIs ( ) and file hosting servers ( ). A mysterious hacking group has compromised the server infrastructure of a popular Android emulator and delivered malware to a handful of Asian victims in a highly targeted supply chain attack.
0 kommentar(er)
