![]() "We have also offered our support to help them past the disclosure in case they decide to conduct an internal investigation." Attack Tactics "We have contacted BigNox about the intrusion, and they denied being affected," according to ESET. But the potential to do a great deal more damage remains. In this case, when NoxPlayer customers updated the software, the malicious application delivered three malware variants with surveillance capabilities, the report notes (see: SolarWinds Hackers Cast a Wide Net).ĮSET estimates that so far only five NoxPlayer customers, based in Taiwan, Hong Kong and Sri Lanka, have been infected by the malware out of an estimated 100,000 NoxPlayer users worldwide. ![]() The campaign functioned like the SolarWinds attack, which spread when the company pushed out a software update. The supply chain attack involves hackers compromising BigNox's product called NoxPlayer, which is used by gamers to play mobile games on their computers. ![]() See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pmĮSET notes the campaign has been ongoing since September 2020 and has targeted customers of BigNox, a Hong Kong-based Android emulator software developer. Moreover, the targeted attacking strategy indicates that the group is clear about its attack targets and could be a dangerous threat for the organizations on its radar.A cyberespionage campaign is targeting game developers in Asia using an infected Android emulator app as part of a supply chain attack, a report issued this week by security firm ESET finds. The use of sophisticated malware components indicates that Gelsemium has good experience with malware development. Victims originally targeted by that attack were later compromised by Gelsemine. Further, the investigation revealed some overlap between this supply-chain attack and the Gelsemium group. ![]() This displayed the highly targeted nature of the operation.
0 Comments
Leave a Reply. |