![]() ![]() The second is the case of the VGCA, the official certificate authority of the Vietnamese government. The first is the case of Able Desktop, software used by many Mongolian government agencies. ESET researchers have linked a stealthy cyberespionage group known as Gelsemium to the NoxPlayer Android emulator supply-chain attack that targeted gamers earlier this year. 08:04 AM 0 ESET researchers have discovered that the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox, was compromised by an. Attackers targeted only a handful of victims. This incident is also the third supply chain attack discovered by ESET over the past two months. Hacker group inserted malware in NoxPlayer Android emulator. Bleeping Computer: Android emulator supply-chain attack targets gamers with malware. These correlations referred to the three malware strains deployed via malicious NoxPlayer updates, which ESET said contained "similarities" to other malware strains used in a Myanmar presidential office website supply-chain compromise in 2018 and early 2020 in an intrusion into a Hong Kong university. ZDNet: Hacker group inserted malware in NoxPlayer Android emulator. Ethical hacker, Market analyst at YouTube (product) (2020present). "We are still investigating, but we have found tangible correlations to a group we internally call Stellera, which we will be reporting about in the near future." Nox Player is an Android emulator for windows, targeted mostly towards end users for. The hackers compromised the update mechanism of NoxPlayer, an Android. "We discard the possibility that this operation is the product of some financially motivated group," an ESET spokesperson told ZDNet today via email. Gelsemium is an APT (Advanced Persistence Threat) group that has been active since. adopt additional measures, notably encryption of sensitive data, to avoid exposing users' personal informationĪs for who's behind the attack, ESET doesn't know, but it knows who it wasn't. As a result we see increasing amount of cases, like the recent discovery made by ALSO Group long term security partner ESET (see article in 1st comment), where it become easier for attacker to.implement file integrity verification using MD5 hashing and file signature checks.use only HTTPS to deliver software updates in order to minimize the risks of domain hijacking and Man-in-the-Middle (MitM) attacks. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |