![]() ![]() It is not currently clear why NightScout conducted an espionage operation targeting the gaming community. Interestingly, it appears that NightScout only infected five NoxPlayer users with a malicious update, based in Taiwan, Hong Kong, and Sri Lanka.Īlthough targeted cyberattacks are not unusual, they are more commonly used to target government officials or high-profile businessmen. NightScout also delivered a second-stage payload, the PoisonIvy RAT, but from their own infrastructure rather than using compromised NoxPlayer updates. The first has not been documented before, while the second was a variant of the Ghost remote access trojan (RAT). When unsuspecting NoxPlayer users downloaded an update, they were unknowingly downloading multiple malware strains with surveillance-related capabilities. Also, check out our roundup of the best malware removal tools.These are the best identity theft protection services on the market In mid-2020, PipeMon, the product of an attacker group called Winnti, who is also known to use supply-chain attacks, infected several massive multiplayer online (MMO) game developers to use game builds and game servers for their malicious purpose.We've built a list of the best Android antivirus apps around.Currently, users are advised not to update the new version of NoxPlayer or completely remove this software on their device. ![]() It can be concluded that this is a clearly targeted attack, targeting only a certain class of users.ĮSET said that at the present time the NoxPlayer update containing the malware was only distributed to five victims in Taiwan, Hong Kong and Sri Lanka.ĮSET reported the details of the attack to BigNox but BigNox denied that they were hacked. In January 2021, we discovered a new supply-chain attack compromising the update mechanism of NoxPlayer, an Android emulator for PCs and Macs, and part of BigNox's product range with over 150. also get it for free if youre a member of the MIFARE Classic Users group, which is free to join. ESET says hackers do not attack all users, but only target a few specific devices. Android / Tools / General / Mifare Classic Tool - MCT. There is evidence that BigNox's servers have been compromised since around September 2020. Our goal is to collect these sources and place them all in one area for quick reading. ![]() They can only be used for espionage or data collection purposes, " ESET said. Current News Sources: 60 Information about Cyber Security and Threat Intelligence should spread as fast as possible. There is no indication that hackers are interested in financial interests, so this attack has. ![]() "Three different families of malware were spread with fake updates targeting victims in Asia. With this access, the hacker forged the URL to download the NoxPlayer updates on the API server to spread the malicious code onto the victims' computers. Based on the evidence gathered, ESET said the hacker group has hacked into the official API and file-hosting servers of BigNox, the company that develops NoxPlayer. This attack was discovered by security firm ESET on January 25th. From here, the cyber criminals have spread malicious code to a series of victims in Asia. At present, to limit attack by malware, users should not update NoxPlayer software to the latest version.Ī mysterious group of hackers has just attacked the server infrastructure of the Android emulator NoxPlayer software. In case you have just updated the NoxPlayer software, you should uninstall it and wait until there is a new notification from BigNox.ĮSET statistics show that this offensive campaign is aimed at users living in Taiwan, Hong Kong and Sri Lanka. Only five detected until now, in countries such as Taiwan, Hong Kong, and Sri Lanka. Attackers targeted only a handful of victims. The attack was discovered by the Slovak security company ESET on January 25 last week and targeted at BigNox, a company that makes NoxPlayer, a. Researchers suggest users to check if there are any processes running in the background and connecting to the network with the C&C server. Hacker group inserted malware in NoxPlayer Android emulator. A mysterious hacking group has compromised the server infrastructure of a popular Android emulator and delivered malware to a handful of victims across Asia in a highly targeted supply chain attack. Immediately after detecting the attack, ESET immediately contacted BigNox, the company denied being affected, declined offers of assistance and decided to conduct an internal investigation. Spies target gamers with malware inserted into software updates, ESET says It's a supply-chain attack against a limited users of NoxPlayer, which allows people to play Android games on PCs and Macs. Researchers uncovered three different types of malware in the NoxPlayer update, however, they are designed primarily to monitor users, not to steal money. NoxPlayer was developed by BigNox (a company based in Hong Kong), this software is often used by gamers to run mobile games on computer. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |