use only HTTPS to deliver software updates in order to minimize the risks of domain hijacking and Man-in-the-Middle (MitM) attacks.That breach targeted the Hong Kong University.ĮSET updates: Following the publication of our research, BigNox have contacted us to say that their initial denial of the compromise was a misunderstanding on their part and that they have since taken these steps to improve security for their users: They concluded this based on the similarities in the malware strains to the one used in Myanmar presidential official website hacked in 2018.
#Inserted malware in noxplayer emulator how to
To help out others no to fall victim of the malware attack, ESET has revealed their report with the details of the methodology and how to determine if the NoxPlayer you have is infected or not.Īccording to ESET, they are investigating further to identify the group involved and they doubt there is some interconnection with a group the team internally refers to as Stellera. That’s the reason so far only five victims in Asia – located in places including Taiwan, Hong Kong, and Sri Lanka. They targeted some machines of some class of users – the online gaming community in particular. It is a bit baffling that the hackers had access to the BigNox server ever since September last year but they employed a peculiar strategy to not get caught.
For this three different malware were used which were tailored for select victims. Once they got in the next step was to alter the download URL of the NoxPlayer updates and install the malware in the file which would get downloaded on the unfortunate user’s system.Īccording to ESET, the main motive was not any monetary demands or hacks – rather surveillance-related capabilities. This hack, the attacker(s) accomplished by spooking into the company’s official API () and the file-hosting servers ().
0 kommentar(er)
