- #Group inserted malware noxplayer emulator how to
- #Group inserted malware noxplayer emulator update
- #Group inserted malware noxplayer emulator android
- #Group inserted malware noxplayer emulator download
"We discard the possibility that this operation is the product of some financially motivated group," an ESET spokesperson told ZDNet today via email. Until today, and based on its own telemetry, ESET said it spotted malware-laced NoxPlayer updates being delivered to only five victims, located in Taiwan, Hong Kong, and Sri Lanka. Despite evidence implying that attackers had access to BigNox servers since at least September 2020, ESET said the threat actor didn't target all of the company's users but instead focused on specific machines, suggesting this was a highly-targeted attack looking to infect only a certain class of users.
#Group inserted malware noxplayer emulator download
Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server to deliver malware to NoxPlayer users. ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API () and file-hosting servers ().
#Group inserted malware noxplayer emulator android
ZDNet reports: The attack was discovered by Slovak security firm ESET on January 25, last week, and targeted BigNox, a company that makes NoxPlayer, a software client for emulating Android apps on Windows or macOS desktops. However, ESET pointed out that the three malware strains deployed via malicious NoxPlayer updates had “ similarities ” to other malware strains used in a supply chain compromise of a presidential office in Myanmar in 2018 and early 2020 in a breach of a university in Hong Kong.A mysterious hacking group has compromised the server infrastructure of a popular Android emulator and has delivered malware to a handful of victims across Asia in a highly-targeted supply chain attack.
#Group inserted malware noxplayer emulator update
The unaware users when downloaded an update on NoxyPlayer, they were unconscious about this that they were downloading several malware strains scrutiny related proficiencies. It’s unclear whether NoxPlayer’s compromise is the work of a state-sponsored group or a financially motivated group seeking to put game developers at risk. The group is known to be called NightScout. The second is the case of the VGCA, the official certification body of the Vietnamese government.ĮSET researchers did not formally link this incident to any known hacking group. The first is the case of Able Desktop, software used by many Mongolian government agencies. This incident is also the third supply chain attack discovered by ESET in the past two months.
#Group inserted malware noxplayer emulator how to
To date, based on its own telemetry, ESET said NoxPlayer updates containing malware were delivered to just five victims in Taiwan, Hong Kong and Sri Lanka.ĮSET today released a report with technical details for NoxPlayers to determine if they have received a malware update and how to remove the malware.Ī BigNox spokesperson did not return a request for comment. “Three different malware families were distributed from tailor-made malicious updates to selected victims, with no sign of financial gain, but rather surveillance-related capabilities,” said ESET in a report shared today with ZDNet.ĭespite evidence that attackers had been able to access BigNox servers since at least September 2020, ESET said the threat actor was not targeting all users of the company, but instead specific machines, suggesting that this was a highly targeted attack that only a certain class of users. Using this access, hackers messed with the download URL of NoxPlayer updates in the API server to deliver malware to NoxPlayer users. The attack was discovered by Slovakian security company ESET on January 25 last week and targeted BigNox, a company that makes NoxPlayer, a software client for emulating Android apps on Windows or macOS desktops.ĮSET says that based on evidence collected by its researchers, a threat actor is one of the company’s official APIs ( ) and file hosting servers ( ). A mysterious hacking group has compromised the server infrastructure of a popular Android emulator and delivered malware to a handful of victims in Asia in a highly targeted supply chain attack.
0 kommentar(er)
